Manualshelf

User`s manual

ManualsBrandsAudioCodes ManualsComputer equipmentMediant 600
311312313314315316317318319320
Version 5.4 319 May 2008
SIP User's Manual 4. ini File Configuration
ini File Parameter Description
Internal Firewall Parameters
AccessList
This ini file table parameter configures the device's access list (firewall),
which defines network traffic filtering rules. The format of this parameter is
as follows:
[ACCESSLIST]
FORMAT AccessList_Index = AccessList_Source_IP,
AccessList_Net_Mask, AccessList_Start_Port, AccessList_End_Port,
AccessList_Protocol, AccessList_Packet_Size, AccessList_Byte_Rate,
AccessList_Byte_Burst, AccessList_Allow_Type;
[\ACCESSLIST]
Where,
Source_IP = IP address (or DNS name) of source network, or a specific
host.
Net_Mask = IP network mask 255.255.255.255 for a single host or the
appropriate value for the source IP addresses.
Start_Port = Start destination UDP/TCP ports (on this device) to which
packets are sent.
End_Port = End destination UDP/TCP ports (on this device) to which
packets are sent.
Protocol = Protocol type (e.g., UDP, TCP, ICMP, ESP) or the IANA
protocol number.
Packet_Size = Maximum allowed packet size.
Byte_Rate = Expected traffic rate (bytes per second).
Byte_Burst = Tolerance of traffic rate limit (number of bytes).
Allow_Type = Action upon match (i.e., 'Allow' or 'Block').
For example:
[ACCESSLIST]
FORMAT AccessList_Index = AccessList_Source_IP,
AccessList_Net_Mask, AccessList_Start_Port, AccessList_End_Port,
AccessList_Protocol, AccessList_Packet_Size, AccessList_Byte_Rate,
AccessList_Byte_Burst, AccessList_Allow_Type;
AccessList 10 = mgmt.customer.com, 255.255.255.255, 0, 80, tcp, 0, 0, 0,
allow;
AccessList 22 = 10.4.0.0, 255.255.0.0, 4000, 9000, any, 0, 0, 0, block;
[\ACCESSLIST]
In the example above, Rule #10 allows traffic from the host
‘mgmt.customer.com’ destined to TCP ports 0 to 80. Rule #22 blocks traffic
from the subnet 10.4.xxx.yyy destined to ports 4000 to 9000.
Notes:
This parameter can include up to 50 indices.
If the end of the table is reached without a match, the packet is
accepted.
To configure the firewall using the Web interface, refer to ''Structure of
ini File Table Parameters'' on page 293.
AccessList_MatchCoun
t
For a description of this parameter, refer to ''Configuring the Firewall
Settings'' on page 115.