Firewall, Static routes – Ubiquiti Networks PowerBridgM User Manual
Page 33
30
Chapter 5: Network Tab
airOS
™
v5.5.4 User Guide
Ubiquiti Networks, Inc.
If enabled, the device bridge communicates with other
network devices by sending and receiving Bridge Protocol
Data Units (BPDU). STP should be disabled (default setting)
when the device is the only bridge on the LAN or when
there are no loops in the topology, as there is no need for
the bridge to use STP in this case.
Ports
Select the appropriate ports for your bridge
network. (Virtual ports are available if you have created
VLANs.)
•
Add
Select a port.
•
Del
Delete a port.
Comment
You can enter a brief description of the
purpose for the bridge network.
Action
You have the following options:
•
Add
Add a bridge network.
•
Del
Delete a bridge network.
Firewall
(Available in Advanced view.) You can configure firewall
rules for the local and external network interfaces. Click
the + button to display the Firewall section.
Enable
Enables firewall functionality.
Enabled
Enables the specific firewall rule. All the added
firewall rules are saved in the system configuration file;
however, only the enabled firewall rules are active on the
device.
Target
To allow packets to pass through the firewall
unmodified, select ACCEPT. To block packets and send no
response, select DROP.
Interface
Select the appropriate interface where the
firewall rule is applied. To apply the firewall rule to all
interfaces, select ANY.
IP Type
Sets which specific Layer 3 protocol type (IP, ICMP,
TCP, UDP) should be filtered.
!
Can be used to invert the Source IP/Mask, Source Port,
Destination IP/Mask, and/or Destination Port filtering
criteria. For example, if you enable ! (Not) for the specified
Destination Port value 443, then the filtering criteria will
be applied to all the packets sent to any Destination Port
except port 443, which is commonly used by HTTPS.
Source IP/Mask
Check the box and specify the source IP
of the packet (specified within the packet header). Usually
it is the IP of the host system that sends the packets.
The mask is in slash notation. For example, if you enter
192.168.1.0/24, you are entering the range of 192.168.1.0
to 192.168.1.255.
Source Port
Check the box and specify the source port of
the packet (specified within the packet header). Usually it
is the port of the host system application that sends the
packets.
Destination IP/Mask
Check the box and specify the
destination IP of the packet (specified within the packet
header). Usually it is the IP of the system which the packet
is addressed to. The mask is in slash notation. For example,
if you enter 192.168.1.0/24, you are entering the range of
192.168.1.0 to 192.168.1.255.
Destination Port
Check the box and specify the
destination port of the packet (specified within the
packet header). Usually it is the port of the host system
application which the packet is addressed to.
Comment
You can enter a brief description of the
purpose for the firewall rule.
All active firewall entries are stored in the FIREWALL chain
of the ebtables filter table.
Action
You have the following options:
•
Add
Add a firewall rule.
•
Edit
Make changes to a firewall rule. Click Save to save
your changes.
•
Del
Delete a firewall rule.
Static Routes
(Available in Advanced view.) You can manually add
static routing rules to the system routing table; you can
set a rule that a specific target IP address (or range of IP
addresses) passes through a specific gateway. Click the +
button to display the Static Routes section.
Enabled
Enables the specific static route. All the added
static routes are saved in the system configuration file;
however, only the enabled static routes are active on the
device.
Target Network IP
Specify the IP address of the
destination.
Netmask
Specify the netmask of the destination.
Gateway IP
Specify the IP address of the gateway.
Comment
You can enter a brief description of the
purpose for the static route.
Action
You have the following options:
•
Add
Add a static route.
•
Edit
Make changes to a static route. Click Save to save
your changes.
•
Del
Delete a static route.