User guide
Firewall Rules Language
Proventia Network IPS G and GX Appliance User Guide
IPv4 address expression examples
The <n> can be either a hex or a decimal number in a range from 0 to 255. All hex numbers must have a 0x prefix. Table 35 lists examples.
TCP/UDP ports, protocol identifiers, or numbers
The values listed for any constant must be within the field's required range; otherwise the parser will refuse to parse the clause.
0xFFFF
65535
0, 1, 2
0 - 2
! 3 - 65535
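The range check and the five constant expressions above, worked through in Python as an added example (not code from the appliance or its documentation). The names parse_number and parse_ranges are hypothetical, and the meanings of "!" (negation), "," (list) and "-" (inclusive range), along with the rejection of backwards ranges, are assumptions inferred from the examples.

```python
import re

PORT_MAX = 0xFFFF  # largest value a 16-bit TCP/UDP port field can hold
_NUM = re.compile(r"(?:0[xX][0-9a-fA-F]+|[0-9]+)\Z")  # hex needs the 0x prefix

def parse_number(tok, lo=0, hi=PORT_MAX):
    """Parse one constant; refuse bad syntax or a value outside lo..hi."""
    tok = tok.strip()
    if not _NUM.match(tok):
        raise ValueError(f"not decimal or 0x-prefixed hex: {tok!r}")
    value = int(tok, 16) if tok[:2].lower() == "0x" else int(tok)
    if not lo <= value <= hi:
        raise ValueError(f"{tok!r} is outside {lo}..{hi}")
    return value

def parse_ranges(expr, lo=0, hi=PORT_MAX):
    """Return sorted, merged (first, last) ranges that the expression matches."""
    body = expr.strip()
    negate = body.startswith("!")  # assumed: "!" inverts the whole expression
    if negate:
        body = body[1:]
    spans = []
    for item in body.split(","):  # assumed: "," separates list items
        first, dash, last = item.partition("-")  # assumed: "-" is an inclusive range
        a = parse_number(first, lo, hi)
        b = parse_number(last, lo, hi) if dash else a
        if a > b:  # assumed: a backwards range is an error
            raise ValueError(f"range runs backwards: {item.strip()!r}")
        spans.append((a, b))
    merged = []
    for a, b in sorted(spans):  # fold overlapping or adjacent spans together
        if merged and a <= merged[-1][1] + 1:
            merged[-1] = (merged[-1][0], max(merged[-1][1], b))
        else:
            merged.append((a, b))
    if not negate:
        return merged
    out, cursor = [], lo  # complement of merged within lo..hi
    for a, b in merged:
        if a > cursor:
            out.append((cursor, a - 1))
        cursor = b + 1
    if cursor <= hi:
        out.append((cursor, hi))
    return out

if __name__ == "__main__":
    for expr in ("0xFFFF", "65535", "0, 1, 2", "0 - 2", "! 3 - 65535"):  # the page's examples
        print(f"{expr!r:16} -> {parse_ranges(expr)}")
```

Passing lo=0, hi=255 to parse_number applies the same check to a single IPv4 octet <n>.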
Complete firewall rule examples
The following statements are examples of complete firewall rules. If you do not specify a protocol, the rule assumes and uses the any protocol.
● adapter A ip src addr xxx.xxx.x.x (where x is a number in the IP address)
● adapter A ip src addr xxx.xxx.x dst addr any tcp src port 20 dst port 80 (where x is a number in the IP address)
● adapter any ip src addr any dst addr xxx.xxx.xx.x
● adapter any ip src addr any dst addr any icmp type 8
● tcp
● adapter B icmp
● udp
Example              Description
n.n.n.n              Single address
n.n.n.n, n.n.n.n     Address list
n.n.n.n/<netmask>    Specific address using CIDR format; netmask value must range from 1 to 32
n.n.n.n - n.n.n.n    Address range, where first value is greater than last
Table 35: IPv4 address syntax