McAfee SG310 Administration Manual page 162

UTM firewall

Firewall menu options
Packet filtering
Rules are evaluated from top to bottom as displayed on the page. The first matching rule determines the
action for the network traffic. To reorder a rule, click the move up or down arrow.
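An added example (not from the McAfee guide): a small Python model of first-match evaluation that also flags rules made unreachable by an earlier, broader rule, which is the usual reason a rule needs reordering. The `Rule` fields, the sample rules, the fallback action, and the treatment of a None rule as not ending evaluation are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class Rule:                      # hypothetical model, not the appliance's format
    name: str
    action: str                  # "None", "Accept", "Drop" or "Reject"
    src: str                     # source network (CIDR)
    dport: Optional[int] = None  # destination port, None = any

    def matches(self, src_ip, dport):
        return ip_address(src_ip) in ip_network(self.src) and self.dport in (None, dport)

    def covers(self, other):
        """True if every packet that matches `other` also matches this rule."""
        return (ip_network(other.src).subnet_of(ip_network(self.src))
                and self.dport in (None, other.dport))

def evaluate(rules, src_ip, dport, default="Drop"):
    """Walk the rules top to bottom; the first terminal match decides."""
    for rule in rules:
        # Assumption: a "None" rule only logs and does not end evaluation.
        if rule.action != "None" and rule.matches(src_ip, dport):
            return rule.action, rule.name
    return default, "default policy"   # assumed fallback action

def shadowed(rules):
    """Return (later, earlier) pairs where `later` can never take effect."""
    pairs = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if earlier.action != "None" and earlier.covers(later):
                pairs.append((later.name, earlier.name))
                break
    return pairs

# Constructed sample rule list, in page order.
RULES = [
    Rule("log-all", "None", "0.0.0.0/0"),
    Rule("drop-guest", "Drop", "10.0.50.0/24"),
    Rule("guest-https", "Accept", "10.0.50.0/24", 443),
    Rule("lan-https", "Accept", "10.0.0.0/16", 443),
]

if __name__ == "__main__":
    print(evaluate(RULES, "10.0.50.7", 443))   # decided by drop-guest
    print(shadowed(RULES))                     # guest-https is unreachable
```

Moving `guest-https` above `drop-guest` changes the outcome for guest HTTPS traffic and clears the shadowing report.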
Note: A "-" in the Hits or Hits Over Limit column indicates that no applicable interfaces are configured.
Creating a packet filter rule
Use this procedure to create a packet filter rule. When adding a rule, you can either use predefined
addresses or services that have already been added under Definitions, or click New to manually enter an
address or service. For procedures on defining services and address and interface groups, refer to
Definitions. To return to the predefined definitions list for a field, click Show Definitions.
1. From the Firewall menu, click Packet Filtering. The Packet Filters Rules page appears.
2. If this is the first rule defined on the page, click New. Otherwise, click the add above or below icon at the
location where you want to add the rule. The Packet Filter Rule page appears (Figure 167).
Figure 167 Packet Filter Rule page
3. [Optional] Enter a descriptive name in the Descriptive Name field.
4. Make sure the Enable checkbox is selected. It is enabled by default. To temporarily disable the rule, clear
the checkbox.
5. From the Action list, select an option that specifies what to do if the rule matches. Available options are:
• None – [Default] Performs no action for this rule, which is useful for a rule that logs packets but
performs no other action.
• Accept – Allows the traffic.
• Drop – Disallows the traffic and silently discards the packets. The Drop action is useful for handling
packets from external untrusted hosts.
• Reject – Disallows the traffic, but also sends an ICMP port unreachable message to the source IP
address to advise that the packets were discarded. The Reject action is useful for packets from trusted
internal hosts if you have, for example, changed the default outbound policy from allow all packets out
to reject all, and then created packet filter rules for specific services and protocols that are allowed to
pass traffic out of the appliance.
6. The Type controls which incoming and outgoing interface options are available:
McAfee UTM Firewall 4.0.4 Administration Guide


This manual is also suitable for: SG560, SG560U, SG565, SG580
