D-Link NetDefend DFL-210 User Manual page 146
Network security firewall ver. 1.05
Hide thumbs
Also See for NetDefend DFL-210:
- User manual (495 pages) ,
- Log reference manual (476 pages) ,
- Cli reference manual (213 pages)
Table of Contents
Advertisement
6.3.8. SMTP Log Receiver for IDP
Events
CLI
Create IDP Rule:
gw-world:/> add IDPRule Service=smtp SourceInterface=wan SourceNetwork=wannet
Create IDP Action:
gw-world:/> cc IDPRule IDPMailSrvRule
gw-world:/IDPMailSrvRule> add IDPRuleAction Action=Protect
Web Interface
Create IDP Rule:
This IDP rule will be called IDPMailSrvRule, and applies to the SMTP service. Source Interface and Source Net-
work define where traffic is coming from, in this example the external network. The Destination Interface and Des-
tination Network define where traffic is directed to, in this case the mail server. Destination Network should there-
fore be set to the object defining the mail server.
1.
Go to IDP > IDP Rules > Add > IDP Rule
2.
Now enter:
•
Name: IDPMailSrvRule
•
Service: smtp
•
Also inspect dropped packets: In case all traffic matching this rule should be scanned (this also means
traffic that the main rule-set would drop), the "Also inspect dropped packets" checkbox should be
checked, which is the case in this example.
•
Source Interface: wan
•
Source Network: wannet
•
Destination Interface: dmz
•
Destination Network: ip_mailserver
•
Click OK.
If logging of intrusion attempts is desired, this can be configured in the Log Settings tab.
Create IDP Action:
DestinationInterface=dmz DestinationNetwork=ip_mailserver
Name=IDPMailSrvRule
IDPServity=All Signatures=IPS_MAIL_SMTP
133
Chapter 6. Security Mechanisms
Advertisement
Table of Contents
