beautypg.com

Table 70 firewall edit rule – ZyXEL Communications Internet Security Appliance ZyWALL5UTM 4.0 User Manual

Page 221

background image

ZyWALL 5/35/70 Series User’s Guide

221

Chapter 11 Firewall Screens

The following table describes the labels in this screen.

Table 70 Firewall Edit Rule

LABEL

DESCRIPTION

Rule Name

Enter a descriptive name of up to 31 printable ASCII characters (except Extended

ASCII characters) for the firewall rule. Spaces are allowed.

Edit Source/

Destination

Address

Address Type

Do you want your rule to apply to packets with a particular (single) IP, a range of IP

addresses (for example 192.168.1.10 to 192.169.1.50), a subnet or any IP

address? Select an option from the drop-down list box that includes: Single

Address, Range Address, Subnet Address and Any

Address.

You can configure up to 20 source or destination IP address entries in a rule.

Start IP Address

Enter the single IP address or the starting IP address in a range here.

End IP Address

Enter the ending IP address in a range here.

Subnet Mask

Enter the subnet mask here, if applicable.

Add

Click Add to add a new address to the Source or Destination Address(es) box.

You can add multiple addresses, ranges of addresses, and/or subnets.

Modify

To edit an existing source or destination address, select it from the box and click

Modify.

Delete

Highlight an existing source or destination address from the Source or Destination

Address(es) box above and click Delete to remove it.

Edit Service

Available/

Selected Services

Please see

Section 11.11 on page 226

for more information on services available.

Highlight a service from the Available Services box on the left, then click >> to add

it to the Selected Service(s) box on the right. To remove a service, highlight it in

the Selected Service(s) box on the right, then click <<.

Edit Schedule

Day to Apply

Select everyday or the day(s) of the week to apply the rule.

Time of Day to

Apply (24-Hour

Format)

Select All Day or enter the start and end times in the hour-minute format to apply

the rule.

Actions When

Matched

Log Packet

Information When

Matched

This field determines if a log for packets that match the rule is created (Yes) or not

(No). Go to the Log Settings page and select the Access Control logs category to

have the ZyWALL record these logs.

Send Alert

Message to

Administrator

When Matched

Select the check box to have the ZyWALL generate an alert when the rule is

matched.

Action for

Matched Packets

Use the drop-down list box to select whether to discard (Drop), deny and send an

ICMP destination-unreachable message to the sender of (Reject) or allow the

passage of (Permit) packets that match this rule.

Apply

Click Apply to save your customized settings and exit this screen.

Cancel

Click Cancel to exit this screen without saving.

See also other documents in the category ZyXEL Communications Hardware: