Access Rule Settings - D-Link NetDefend DFL-210 User Manual
Network security firewall ver 2.26.01
Hide thumbs
Also See for NetDefend DFL-210:
- Log reference manual (476 pages) ,
- User manual (469 pages) ,
- Cli reference manual (213 pages)
Table of Contents
Advertisement
6.1.3. Access Rule Settings
VPNs provide one means of avoiding spoofing but where a VPN is not an appropriate solution then
Access Rules can provide an anti-spoofing capability by providing an extra filter for source address
verification. An Access Rule can verify that packets arriving at a given interface do not have a
source address which is associated with a network of another interface. In other words:
•
Any incoming traffic with a source IP address belonging to a local trusted host is NOT allowed.
•
Any outgoing traffic with a source IP address belonging to an outside untrusted network is NOT
allowed.
The first point prevents an outsider from using a local host's address as its source address. The
second point prevents any local host from launching the spoof.
6.1.3. Access Rule Settings
The configuration of an access rule is similar to other types of rules. It contains Filtering Fields as
well as the Action to take. If there is a match, the rule is triggered, and NetDefendOS will carry out
the specified Action.
Access Rule Filtering Fields
The Access Rule filtering fields used to trigger a rule are:
•
Interface: The interface that the packet arrives on.
•
Network: The IP span that the sender address should belong to.
Access Rule Actions
The Access Rule actions that can be specified are:
•
Drop: Discard the packets that match the defined fields.
•
Accept: Accept the packets that match the defined fields for further inspection in the rule set.
•
Expect: If the sender address of the packet matches the Network specified by this rule, the
receiving interface is compared to the specified interface. If the interface matches, the packet is
accepted in the same way as an Accept action. If the interfaces do not match, the packet is
dropped in the same way as a Drop action.
Turning Off Default Access Rule Messages
If, for some reason, the "Default Access Rule" log message is continuously being generated by some
source and needs to be turned off, then the way to do this is to specify an Access Rule for that
source with an action of Drop.
Troubleshooting Access Rule Related Problems
It should be noted that Access Rules are a first filter of traffic before any other NetDefendOS
modules can see it. Sometimes problems can appear, such as setting up VPN tunnels, precisely
because of this. It is always advisable to check Access Rules when troubleshooting puzzling
Note: Enabling logging
Logging can be enabled as required for these actions.
205
Chapter 6. Security Mechanisms
Advertisement
Table of Contents
Troubleshooting
