User manual
Firewall
136
Note
The first matching rule determines the action for the network traffic, so the order of the
rules is important. You can use the Move Up and Move Down icons to change the order.
The rules are evaluated top to bottom as displayed on screen.
Adding or modifying a rule is shown in the following figure:
The Action specifies what to do if the rule matches.
• Accept means to allow the traffic.
• Drop means to disallow the traffic.
• Reject means to disallow the traffic, but also send an ICMP port unreachable
message to the source IP address.
• None means to perform no action for this rule. This is useful for a rule that logs
packets, but performs no other action.
Type controls which incoming and outgoing interface options are available.
• Forward means filter forwarded packets only, i.e. packets traversing the SG unit.
You can select both incoming and outgoing interfaces.