Cobalt Qube 3 User Manual
Chapter 3: Qube 3 Services
Rules and chains
A packet-filtering rule consists of a set of criteria, and an action to take if a packet
matches the criteria (this action is called the rule’s policy). Criteria for a rule can
consist of items such as the machine from which the packet originated, the
destination of the packet and the network interface through which the packet is
moving. Typically, a rule’s policy accepts or rejects the packet; if rejected, the
packet is discarded from the system.
Rules are organized into ordered lists called chains. When a chain of rules is
applied, the firewall system tests the packet against each rule in sequence. If a
packet meets the criteria of a rule, the action specified by the policy is taken; the
packet is not evaluated against the subsequent rules. If a packet does not meet the
criteria of a given rule, the packet is evaluated against the next rule in the chain.
Chains can also specify a default action to apply to packets that do not meet the
criteria of any of the rules within the chain.
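The first-match evaluation and default action described above, as an added Python sketch (not part of the manual and not the Qube 3's own firewall code). The class names, addresses, interface labels and the "accept"/"reject" strings are constructed for illustration; the `shadowed` check goes slightly beyond the text by flagging rules that can never fire because an earlier rule already covers them.

```python
# Added illustration: first-match evaluation of a packet-filtering chain.
# All names, addresses and interface labels are constructed for this example.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    iface: str

@dataclass(frozen=True)
class Rule:
    policy: str                      # "accept" or "reject"
    src: str = "0.0.0.0/0"           # criterion: originating machine/network
    dst: str = "0.0.0.0/0"           # criterion: destination network
    iface: Optional[str] = None      # criterion: interface (None = any)

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.iface in (None, p.iface))

def evaluate(chain, default, packet):
    """Return (policy, index of the deciding rule, or None for the default)."""
    for i, rule in enumerate(chain):
        if rule.matches(packet):
            return rule.policy, i    # first match wins; later rules are skipped
    return default, None

def shadowed(chain):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    out = []
    for j, later in enumerate(chain):
        for earlier in chain[:j]:
            if (ip_network(later.src).subnet_of(ip_network(earlier.src))
                    and ip_network(later.dst).subnet_of(ip_network(earlier.dst))
                    and earlier.iface in (None, later.iface)):
                out.append(j)
                break
    return out

# Constructed chain: the narrow reject must precede the broad accept.
GOOD = [Rule("reject", src="10.0.0.66/32", iface="eth0"),
        Rule("accept", src="10.0.0.0/24", iface="eth0")]
BAD = list(reversed(GOOD))           # same rules, wrong order
```

With the rules reversed, the packet from 10.0.0.66 is accepted by the broad rule before the specific reject is ever tested, which is the ordering mistake `shadowed` reports.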
The Qube 3 allows you to configure three different rule chains, which are applied
to packets at different stages of a packet’s lifecycle within the Qube 3. These
three chains are known as:
• Input chain. The input chain is applied against all packets entering the
Qube 3 through a network interface.
• Forward chain. The forward chain is applied against all packets being
forwarded through the Qube 3 to another computer.
• Output chain. The output chain is applied against all packets attempting to
leave the Qube 3 through a network interface.
Note: The output chain is applied against both existing packets
being forwarded through the Qube 3 and new packets created by
local services on the Qube 3.