User Manual

Rack ATS AP44xx User Manual, page 88
Path: Configuration > Security > Firewall > Create/Edit Policy
Create a new policy; delete or edit an existing policy
NOTE: An active, enabled firewall policy cannot be deleted. A running policy can be edited, but this is
not recommended because changes are applied immediately. Instead, disable the firewall, edit the
policy, test it, and then re-enable the policy.
Create a new policy
Click Add Policy, and type in the file name for the new firewall file. The filename should have a .fwl file
extension. If left without a file extension, .fwl will be appended to the name automatically.
Click Apply: If the filename is legal, an empty firewall policy file will be created. It will be
located in the /fwl folder with the other policies on the system.
Click Cancel to return to the previous page without creating a new firewall file.
Edit an existing policy
Select Edit Policy to go to the edit page. You can edit a firewall policy that is not active.
Warning page: If you attempt to edit the active enabled policy, a warning page will open: “Editing the
active firewall policy will cause all changes made to be applied immediately. It is recommended
to disable the firewall and test the policy before enabling it.”
Click Apply to leave the Warning page and return to the Edit Policy page.
Click Cancel to leave the Warning page and return to the Create/Edit Policy page.
1. Select the policy you want to edit from the Policy Name drop-down list, and click Edit Policy.
2. Click Add Rule or select the Priority of an existing rule to go to the Edit Rule page. From this
page, you can change the rule settings or delete the selected rule.
Setting: Description

Priority: If 2 rules conflict, the rule with the higher priority will determine what happens. The highest priority is 1; the lowest is 250.

Type:
    host: In the IP/any field, you will enter a single IP address.
    subnet: In the IP/any field, you will enter a subnet address.
    range: In the IP/any field, you will enter a range of IP addresses.

IP/any: Specify the IP address or range of addresses this rule applies to, or select one of the following:
    any: The rule applies regardless of the IP address.
    anyipv4: The rule applies for any IPv4 address.
    anyipv6: The rule applies for any IPv6 address.

Port: Specify a port the rule will apply to.
    None: The rule will apply to any port.
    Common Configured ports: Select a standard port.
    Other: Specify a non-standard port number.

Protocol: Specify which protocol the rule applies to.
    any: any protocol.
    tcp: used for more reliable information transfer between applications.
    udp: alternative to TCP used for faster, lower-bandwidth information transfer. Though it has fewer delays, UDP is less reliable than TCP.
    icmp: used to report errors for troubleshooting.
    icmpv6: used to report errors for troubleshooting on applications using IPv6.

Action:
    allow: Allow the packet that matches this rule.
    discard: Discard the packet that matches this rule.

Log: If this rule is applied to a packet, regardless of whether the packet is blocked or allowed, this will add an entry to the Firewall Log (see “Firewall log” on page 115).
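
The rule settings described above can be modelled offline to check which rule decides a given packet before a policy is enabled. This is an added example, not code from the manual or the device firmware: the Rule class, the decide function, the "first-last" range notation and the sample policy are assumptions. It returns None when no rule matches, because this page does not state a default action.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:                # hypothetical model of one row on the Edit Rule page
    priority: int          # 1 is the highest priority, 250 the lowest
    type: str              # host, subnet or range (unused for any/anyipv4/anyipv6)
    ip: str                # address, subnet, "first-last" range, or an any* keyword
    port: Optional[int]    # None = the rule applies to any port
    protocol: str          # any, tcp, udp, icmp or icmpv6
    action: str            # allow or discard
    log: bool = False      # True = a match adds a Firewall Log entry

def ip_matches(rule, addr):
    a = ipaddress.ip_address(addr)
    if rule.ip == "any":
        return True
    if rule.ip in ("anyipv4", "anyipv6"):
        return a.version == (4 if rule.ip == "anyipv4" else 6)
    if rule.type == "host":
        return a == ipaddress.ip_address(rule.ip)
    if rule.type == "subnet":
        return a in ipaddress.ip_network(rule.ip, strict=False)
    if rule.type == "range":
        first, last = (ipaddress.ip_address(p.strip()) for p in rule.ip.split("-"))
        return a.version == first.version and first <= a <= last
    raise ValueError(f"unknown rule type: {rule.type}")

def decide(rules, addr, port, protocol):
    """Return the matching rule with the highest priority (lowest number), else None."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if not 1 <= rule.priority <= 250:
            raise ValueError(f"priority out of range: {rule.priority}")
        if (ip_matches(rule, addr) and rule.port in (None, port)
                and rule.protocol in ("any", protocol)):
            return rule
    return None

# Constructed sample policy using documentation address ranges.
POLICY = [
    Rule(10, "host", "192.0.2.10", 443, "tcp", "allow"),
    Rule(20, "subnet", "192.0.2.0/24", 443, "tcp", "discard", log=True),
    Rule(30, "range", "198.51.100.5-198.51.100.20", None, "any", "allow"),
    Rule(250, "host", "anyipv6", None, "any", "discard", log=True),
]

if __name__ == "__main__":
    hit = decide(POLICY, "192.0.2.77", 443, "tcp")
    print(hit.priority, hit.action, "logged" if hit.log else "not logged")
```

Rules 10 and 20 conflict for 192.0.2.10 on TCP port 443; the priority 10 rule decides, so that host is allowed while the rest of the subnet is discarded and logged.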