Operation Manual

Log: When checked each packet matching this filter rule will be logged in the System Logs.

Action: “Allow” or “Deny.”

Protocol: Any, ICMPv4, TCP, UDP, GRE, ESP, ICMPv6, or SCTP.

IP Version: Any, IPv4, or IPv6.

IP Source / IP Destination

IP Negation: Match on any IP address that is NOT in the specified IP network range.

Network IP: Optional field to specify a matching network IP address for this rule to match against.

Netmask: Use this to define a subnet size this rule will match against.

Port Negation: Match on any port that is NOT in the specified port range.

Port(s): Use for a single port or a range of ports. Fill in the left side for a single port.

Use Network IP, Netmask, and Port(s) to specify the ports and addresses for which the rule applies. You can specify a

range of ports or a single port. Similarly, the netmask can be used to define either a range of addresses (i.e.

255.255.255.0) or a single address (255.255.255.255).

If you leave these values blank, then all IP addresses and ports will be included. IP Source and IP Destination options

can be used to differentiate between the directions that packets go. You could permit packets to come from particular IP

addresses but then not allow packets to return to those addresses.

Forwardings

Forwardings define how Filter Policies affect traffic flowing between zones in one direction. Simply select the Source

Zone, Destination Zone, and Filter Policy to define a Forwarding. Forwardings can either be Added, Edited, Removed,

or Toggled. Toggling a Forwarding will either enable or disable the Forwarding.