User manual
Network Services
Cobalt Qube 3 User Manual 153
Policy definitions
In the Add and Modify Firewall Rule tables, the Qube 3 Administrator selects an
action in the Policy pull-down menu. The policy determines the action taken if a
packet matches the rule’s criteria.
The following policies are supported:
•
ACCEPT
accepts the packet into the system. The packet “passes” the rule
chain and no further rules within this chain are applied.
•
DENY
discards the packet. The packet is dropped from the system; the
originator of the packet in not notified that the packet was discarded.
•
REJECT
rejects the packet. Like DENY, the packet is dropped from the
system. However, unlike DENY, the sender of the packet is notified that the
packet was discarded.
•
MASQ
masquerades the packet. Masquerading rewrites the packet as it
passes through the Qube 3 to make it appear that the packet originated at the
firewall. This is the same effect as enabling Network Address
Translation (NAT).
•
REDIRECT
redirects the packet to a local port number. Regardless of the to
which port number or IP address the packet is actually addressed, the packet
is instead routed to a port number on the Qube 3 itself. This port is specified
in the “Redirect to Port Number” field. This feature is primarily used for
features such as transparent proxy servers.
✍
Note:
The MASQ policy is applicable only when configuring
forwarding rules.
✍
Note:
The REDIRECT policy is applicable only when configuring
input rules.