Ip Rule Set Folders - D-Link NetDefendOS User Manual

Web Interface
1. Go to: Policies > Firewalling > Additional IP Rule Sets
2. Select the rule set called dmz_rules
3. Select Add > Return Rule
4. Now enter:
• Name: return_dmz_to_main
• Source Interface: any
• Source Network: all-nets
• Destination Interface: any
• Destination Network: all-nets
• Service: all_services
5. Select OK

3.6.5. IP Rule Set Folders

In order to help organize large numbers of entries in IP rule sets, it is possible to create IP rule set
folders. These folders are just like a folder in a computer's file system. They are created with a
given name and can then be used to contain all the IP rules that are related together as a group.
Using folders is simply a way for the administrator to conveniently divide up IP rule set entries
and no special properties are given to entries in different folders. NetDefendOS continues to see
all entries as though they were in a single set of IP rules.
The folder concept is also used by NetDefendOS in the address book, where related IP address
objects can be grouped together in administrator created folders.
Example 3.34. Adding an Allow IP Rule
This example shows how to create a simple Allow rule that will allow HTTP connections to be
opened from the lannet network on the lan interface to any network (all-nets) on the wan
interface.
Command-Line Interface
gw-world:/> add IPRule
Action=Allow
Service=http
SourceInterface=lan
SourceNetwork=lannet
DestinationInterface=wan
DestinationNetwork=all-nets
Name=lan_http
240
Chapter 3: Fundamentals