McAfee SG310 Administration Manual page 166

Utm firewall

Firewall menu options
Packet filtering
Examples: Packet filter rules
Example 1: Creating a rule to log traffic originating from the appliance
This example creates a packet filter rule that performs no action on the packets other than to log the
packets originating from the appliance. Only the first packets of the connection are logged in the syslog.
This rule is useful when there is high traffic originating from the appliance when features such as access
control, antivirus, and Web caching are enabled, and you want to view the level of activity from a historical
perspective.
1. From the Firewall menu, click Packet Filtering. The Packet Filtering page appears.
2. Click New. The Packet Filter Rule page appears.
3. In the Descriptive Name field, enter LogSGOutTraffic.
4. Leave the Enabled checkbox selected.
5. From the Action list, select None.
6. From the Type list, select Output, since the traffic is originating from the appliance. The Incoming Interface now displays None.
7. Allow the Outgoing Interface, Source Address, Destination Address, and Services lists to default to the Any wildcard.
8. Select the Log checkbox, and enter log_SG_origin_traffic in the Log Prefix field.
9. Click Finish.
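Added example (not part of the McAfee manual): once the rule from Example 1 is logging, the syslog entries carrying the log_SG_origin_traffic prefix can be tallied per destination, protocol, and port to get the historical view of appliance-originated traffic. The manual page does not show the log line format, so this sketch assumes netfilter-style KEY=value fields (DST=, PROTO=, DPT=); the sample lines, host name, and addresses are constructed.

```python
import re
from collections import Counter

LOG_PREFIX = "log_SG_origin_traffic"  # Log Prefix entered in step 8 of Example 1

# Constructed sample syslog lines; the netfilter-style layout is an assumption.
SAMPLE_SYSLOG = """\
Mar  3 09:14:02 sg310 kernel: log_SG_origin_traffic IN= OUT=eth1 SRC=203.0.113.10 DST=198.51.100.7 LEN=60 PROTO=TCP SPT=41822 DPT=80
Mar  3 09:14:05 sg310 kernel: log_SG_origin_traffic IN= OUT=eth1 SRC=203.0.113.10 DST=198.51.100.7 LEN=60 PROTO=TCP SPT=41830 DPT=80
Mar  3 09:14:09 sg310 kernel: log_SG_origin_traffic IN= OUT=eth1 SRC=203.0.113.10 DST=192.0.2.53 LEN=71 PROTO=UDP SPT=53211 DPT=53
Mar  3 09:15:11 sg310 kernel: other_prefix IN=eth0 OUT= SRC=192.168.0.5 DST=192.168.0.1 LEN=60 PROTO=TCP SPT=50000 DPT=22
Mar  3 09:16:40 sg310 kernel: log_SG_origin_traffic IN= OUT=eth1 SRC=203.0.113.10 DST=192.0.2.99 LEN=84 PROTO=ICMP TYPE=8 CODE=0
Mar  3 09:17:00 sg310 kernel: log_SG_origin_traffic truncated line without fields
"""

FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_line(line):
    """Return the KEY=value fields of a line logged by the rule, else None."""
    _, found, rest = line.partition(LOG_PREFIX)
    if not found:
        return None  # logged by some other rule or daemon
    fields = dict(FIELD_RE.findall(rest))
    # Skip truncated or malformed entries rather than counting them.
    if "DST" not in fields or "PROTO" not in fields:
        return None
    return fields


def summarize(text):
    """Count logged connections per (destination, protocol, destination port)."""
    counts = Counter()
    for line in text.splitlines():
        fields = parse_line(line)
        if fields is None:
            continue
        # ICMP entries carry no DPT field; record "-" for the port.
        counts[(fields["DST"], fields["PROTO"], fields.get("DPT", "-"))] += 1
    return counts


if __name__ == "__main__":
    for (dst, proto, dport), n in summarize(SAMPLE_SYSLOG).most_common():
        print(f"{n:5d}  {dst:15s} {proto:5s} {dport}")
```

Because the rule logs only the first packets of each connection, the counts approximate connections opened by the appliance, not traffic volume.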
Example 2: Creating a rule to allow access through the appliance
This example creates a rule that allows clients on the wireless network HTTP/HTTPS access to any Web
servers residing on any connected DMZ network.
Assumptions:
• There is a service defined for DMZ that consists of HTTP and HTTPS services.
• The appliance is an SG565 with a wireless interface configured.
• The wireless network is using a firewall class of Guest or Internet, as otherwise this kind of access is
automatically granted anyway.
• The DNS names of the servers on the DMZ networks are publicly available on the Internet or are
hard-coded.
1. From the Firewall menu, click Packet Filtering. The Packet Filtering page appears.
2. Click New. The Packet Filter Rule page appears.
3. In the Descriptive Name field, enter wifi-to-DMZ.
4. From the Action list, select Accept.
5. From the Type list, select Forward, since the traffic is destined to go through the appliance.
6. From the Incoming Interface list, select WIFI (wireless).
7. From the Outgoing Interface, select Any DMZ interface.
8. Allow the Source Address and Destination Address lists to default to the Any wildcard.
9. In the Services list, select DMZ-services.
10. Click Finish.
McAfee UTM Firewall 4.0.4 Administration Guide

This manual is also suitable for: SG560, SG560U, SG565, SG580
