User guide

Firewall Configuration
66 (98) EN/LZT 108 6492 R1
April 2003
Field            Description
TOD Rule Status  The Time of Day Rule Status determines how the Start Time/End Time settings are used.
                 Enable: (Default) The rule is in effect for the specified time period.
                 Disable: The rule is not in effect for the specified time period, but is effective at all other times.
3 When you are done selecting criteria, ensure that the Enable radio button is
selected and then click the Submit button.
If the security level of the rule matches the globally configured setting, a green
ball displays in the Status column for that rule, indicating that the rule is now in
effect. A red ball displays when the rule is disabled or when its security level is
different from the globally configured level.
4 Ensure that the Security Level and Private/Public/DMZ Default Action settings
on the IP Filter Configuration page are configured as needed, then click
Submit.
5 Select Admin > Commit & Reboot and click Commit to save your changes to
permanent storage.
11.2.3.1 IP Filter Rule Examples
Example 1 - Blocking a specific computer on your LAN from accessing web servers
on the Internet:
1 Add a new rule for outgoing packets on the ppp-0 interface from any incoming
interface (this would include the eth-0 interface, for example).
2 Specify a source IP address of the computer you want to block.
3 Specify the Protocol = TCP and enable the Store State setting.
4 Specify a destination port = 80, which is the standard port number for web
servers.
5 Enable the rule by clicking the radio button at the top of the page.
6 Click Submit to create the rule.
7 On the IP Filter Configuration page, set the Security Level to the same level
you chose for the rule, and set both the Private Default Action and the Public
Default Action to Accept.
8 Click Submit and commit your changes.
Example 2 - Blocking Telnet access to the device:
1 Add a new rule for incoming packets on the ppp-0 interface.
2 Specify that the packet must contain the TCP protocol, and must be destined for
port 23, the standard port number used for the Telnet protocol.
3 Enable the rule by clicking the radio button at the top of the page.
4 Click Submit to create the rule, and commit your changes.
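The rule logic described in this section, as an added example that is not part of the original guide or the device firmware: a small Python model of when a rule is in effect (Enable radio button, Security Level match, TOD Rule Status), applied to Example 1 and Example 2. The Deny action, first-match ordering, the level name "medium", the sample addresses and a time window that does not cross midnight are assumptions; Store State is not modelled.

```python
from dataclasses import dataclass
from datetime import time
from typing import Optional

@dataclass
class Rule:
    direction: str                 # "in" or "out" relative to the interface
    interface: str                 # e.g. "ppp-0"
    protocol: str
    dst_port: int
    src_ip: Optional[str] = None   # None matches any source address
    action: str = "deny"           # assumed: both examples block traffic
    level: str = "medium"          # assumed name for the rule's Security Level
    enabled: bool = True           # Enable/Disable radio button
    tod_enable: bool = True        # TOD Rule Status: Enable (default) / Disable
    start: time = time.min         # Start Time
    end: time = time.max           # End Time

def in_effect(rule, global_level, now):
    """Green ball: enabled, level equals the global level, TOD status satisfied."""
    if not rule.enabled or rule.level != global_level:
        return False               # red ball
    inside = rule.start <= now <= rule.end
    return inside if rule.tod_enable else not inside

def decide(rules, pkt, global_level, now, default="accept"):
    """First in-effect matching rule wins (assumed); otherwise the Default Action."""
    for r in rules:
        same = ((r.direction, r.interface, r.protocol, r.dst_port)
                == (pkt["direction"], pkt["interface"], pkt["protocol"], pkt["dst_port"]))
        if in_effect(r, global_level, now) and same and r.src_ip in (None, pkt["src_ip"]):
            return r.action
    return default

def pkt(direction, src_ip, dst_port, protocol="tcp", interface="ppp-0"):
    return dict(direction=direction, src_ip=src_ip, dst_port=dst_port,
                protocol=protocol, interface=interface)

# Constructed sample rules: Example 1 (one LAN host, web) and Example 2 (Telnet).
RULES = [
    Rule("out", "ppp-0", "tcp", 80, src_ip="192.168.1.10"),
    Rule("in", "ppp-0", "tcp", 23),
]

if __name__ == "__main__":
    noon = time(12, 0)
    print(decide(RULES, pkt("out", "192.168.1.10", 80), "medium", noon))
    print(decide(RULES, pkt("out", "192.168.1.11", 80), "medium", noon))
    print(decide(RULES, pkt("in", "203.0.113.5", 23), "medium", noon))
```

Changing the global level passed to decide() to one that differs from the rule's level shows the red-ball case: the rule is skipped and the Default Action applies.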