Port Rules - Tripp Lite B092-016 Owner's Manual

Chapter 5: Firewall, Failover and Out-of-Band
5.5.4 Firewall Rules
Firewall rules can be used to block or allow traffic through an interface based on port number, direction (ingress or egress) and
protocol. This can be used to allow custom on box services, or block traffic based on policy.
To setup a firewall rule:
• Navigate to the System: Firewall page, and click on the Firewall Rules tab
• Click Add New Firewall Rule
• Fill in the following fields:
Name: Name the firewall rule. This name should describe the policy the port rule is being used to implement
(e.g. block ftp)
Interface: Select the interface that the firewall rule will be applied to (i.e. Any, Dialout/Cellular, VPN, Network
Interface, Dial-in etc)
Port Range: Specify the port or range of ports (e.g. 1000 – 1500) that the rule will apply to. This may be left blank for Any
Source MAC
address: Specify the source MAC address to be matched. This may be left blank for any. MAC addresses use the
format XX:XX:XX:XX:XX:XX, where XX are hex digits
Source Address
Range: Specify the source IP address (or address range) to match. IP address ranges use the format ip/netmask
(where netmask is in bits 1-32). This may be left blank for Any
Destination Range: Specify the destination IP address/address range to match. IP address ranges use the format ip/netmask
(where netmask is in bits 1-32). This may be left blank.
Protocol: Select if the firewall rule will apply to TCP or UDP
Direction: Select the traffic direction that the firewall rule will apply to (Ingress = incoming or Egress)
Action: Select the action (Accept or Block) that will be applied to the packets detected that match the Interface+
Port Range + Source/destination Address Range + Protocol+ Direction
For example, to block SSH traffic from leaving Dialout Interface, the following settings can be used:
Interface: Dialout
Port Range: 22
Protocol: TCP
Direction: Egress
Action: Block
80