ZyXEL Communications ISG50-ISDN User Manual page 362

Chapter 23 Firewall
Table 117 Configuration > Firewall (continued)
LABEL
From Zone / To
Zone
Add
Edit
Remove
Activate
Inactivate
Move
The following read-only fields summarize the rules you have created that apply to traffic traveling in
the selected packet direction.
Status
Priority
From
To
Schedule
User
Source
Destination
Service
Access
Log
Apply
Reset
362
DESCRIPTION
This is the direction of travel of packets. Select from which zone the packets come
and to which zone they go.
Firewall rules are grouped based on the direction of travel of packets to which they
apply. For example, from LAN1 to LAN1 means packets traveling from a computer
or subnet on the LAN to either another computer or subnet on the LAN1.
From any displays all the firewall rules for traffic going to the selected To Zone.
To any displays all the firewall rules for traffic coming from the selected From
Zone.
From any to any displays all of the firewall rules.
To ISG50 rules are for traffic that is destined for the ISG50 and control which
computers can manage the ISG50.
Click this to create a new entry. Select an entry and click Add to create a new
entry after the selected entry.
Double-click an entry or select it and click Edit to open a screen where you can
modify the entry's settings.
To remove an entry, select it and click Remove. The ISG50 confirms you want to
remove it before doing so.
To turn on an entry, select it and click Activate.
To turn off an entry, select it and click Inactivate.
To change a rule's position in the numbered list, select the rule and click Move to
display a field to type a number for where you want to put that rule and press
[ENTER] to move the rule to the number that you typed.
The ordering of your rules is important as they are applied in order of their
numbering.
This icon is lit when the entry is active and dimmed when the entry is inactive.
This is the position of your firewall rule in the global rule list (including all through-
ISG50 and to-ISG50 rules). The ordering of your rules is important as rules are
applied in sequence. Default displays for the default firewall behavior that the
ISG50 performs on traffic that does not match any other firewall rule.
This is the direction of travel of packets to which the firewall rule applies.
This field tells you the schedule object that the rule uses. none means the rule is
active at all times if enabled.
This is the user name or user group name to which this firewall rule applies.
This displays the source address object to which this firewall rule applies.
This displays the destination address object to which this firewall rule applies.
This displays the service object to which this firewall rule applies.
This field displays whether the firewall silently discards packets (deny), discards
packets and sends a TCP reset packet to the sender (reject) or permits the
passage of packets (allow).
This field shows you whether a log (and alert) is created when packets match this
rule or not.
Click Apply to save your changes back to the ISG50.
Click Reset to return the screen to its last-saved settings.
ISG50 User's Guide