User manual

Error! Style not defined.. Error! Style not defined.
71
Field Description
IP Option Pkt Determines whether the rule should
apply to IP packets that have options
specified in their packet headers.
o
Yes:
The rule will be applied only
to packets that contain header
options.
o
No:
The rule will be applied only to
packets that do not contain header
options.
o
Ignore:
(Default) The rule will be
applied to packets whether or not
they contain header options,
assuming that they match the other
criteria.
Packet Size Specifies that the IP Filter rule will take
affect only on packets whose size in
bytes matches this criteria. (lt = less
than, gt = greater than, lteq = less than
or equal to, etc.)
TOD Rule Status The Time of Day Rule Status
determines how the Start Time/End
Time settings are used.
o Enable:
(Default) The rule is in
effect for the specified time period.
o Disable:
The rule is not in effect for
the specified time period, but is
effective at all other times.
3. When you are done selecting criteria, ensure that the
Enable
is selected and then click
Submit
.
If the security level of the rule matches the globally configured
setting, a green ball in the Status column for that rule,
indicating that the rule is now in effect. A red ball will display
when the rule is disabled or if its security level is different than
the globally configured level.
4. Ensure that the Security Level and Private/Public/DMZ
Default Action settings on the IP Filter Configuration page
are configured as needed, then click
Submit
.
A page displays to confirm your changes.
5. Select
Admin
>
Commit & Reboot
and click
Commit
to
save your changes to permanent storage.
IP filter rule examples
Example 1.
Blocking a specific computer on your LAN from using
accessing web servers on the Internet:
1. Add a new rule for outgoing packets on the ppp-0 interface
from any incoming interface (this would include the eth-0
and usb-0 interfaces, for example).