IP Rules

The following settings define the filtering rules for IP packets:

Rule setting

Description

Select rule action

Permit allows packets that match the filter to pass through the interface.

Deny stops packets that match the filter from passing through the interface.

Source address

An IP address expressed in dotted decimal notation or as a hostname to compare with the source IP address of the packet.

Destination address

An IP address expressed in dotted decimal notation or as a hostname to compare with the destination IP address of the packet.

Select protocol

The filtering protocol that you apply to the filter rule. Select the filtering protocol from the pull-down list.

Source port

If checked, you can accept or deny packets with port numbers that are equal to (=), greater than (>), or less than (<) the source port.

Destination port

If checked, you can accept or deny packets with port numbers that are equal to (=), greater than (>), or less than (<) the destination port.

Protocol Number

A number that matches packets by using the specified Internet protocol. Number is a specified protocol number as listed in Assigned Numbers in RFC 1700.

ICMP Type

Sets filtering rules for Internet Control Message Protocol (ICMP) packets.

Log

Packets matching the rule are logged by syslog to the loghost.

Notify

Packets matching the rule are logged by syslog to the source of the packet.

Established

Accepts only packets being sent to an established IP network connection and denies packets sent to establish new IP connections.
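
The following Python model is an added example, not code from the product this page documents. It shows how the rule fields above combine when a packet is checked, including the port operators and the Established option. It assumes first-match ordering, an implicit deny when no rule matches, and that an established connection is recognized by a TCP ACK or RST flag; all class, field and function names are hypothetical.

```python
import ipaddress, operator
from dataclasses import dataclass
from typing import Optional, Tuple

PORT_OPS = {"=": operator.eq, ">": operator.gt, "<": operator.lt}
TCP = 6  # IANA protocol number for TCP
@dataclass
class Packet:
    src: str
    dst: str
    proto: int
    sport: Optional[int] = None
    dport: Optional[int] = None
    ack_or_rst: bool = False  # assumption: marks a packet of an established TCP connection

@dataclass
class Rule:
    action: str                               # "permit" or "deny"
    src: Optional[str] = None                 # None = any; dotted decimal only in this sketch
    dst: Optional[str] = None
    proto: Optional[int] = None               # protocol number
    sport: Optional[Tuple[str, int]] = None   # (operator, port), e.g. (">", 1023)
    dport: Optional[Tuple[str, int]] = None
    established: bool = False
    log: bool = False

def _addr_ok(want, got):
    return want is None or ipaddress.ip_address(want) == ipaddress.ip_address(got)
def _port_ok(cond, port):
    return cond is None or (port is not None and PORT_OPS[cond[0]](port, cond[1]))
def matches(rule, pkt):
    # Every field that is set on the rule must agree with the packet.
    return (_addr_ok(rule.src, pkt.src) and _addr_ok(rule.dst, pkt.dst)
            and (rule.proto is None or rule.proto == pkt.proto)
            and _port_ok(rule.sport, pkt.sport) and _port_ok(rule.dport, pkt.dport)
            and (not rule.established or (pkt.proto == TCP and pkt.ack_or_rst)))

def evaluate(rules, pkt):
    """Return (action, logged) from the first matching rule; default deny is assumed."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action, rule.log
    return "deny", False
# Constructed rule set using documentation-range addresses (RFC 5737).
RULES = [
    Rule("permit", dst="192.0.2.10", proto=TCP, dport=("=", 443)),
    Rule("permit", dst="198.51.100.5", proto=TCP, dport=(">", 1023), established=True),
    Rule("deny", proto=TCP, dport=("<", 1024), log=True),
]
```

With this rule set, a reply to 198.51.100.5 on a high port is permitted only when it belongs to an existing connection; a new connection attempt to the same port falls through to the implicit deny.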