Global policy status – D-Link DFL-600 User Manual
Page 69
The next step is to specify if you want the policy rule to apply to Inbound or
Outbound packets. Inbound here means from the WAN to your LAN, while
Outbound means from your LAN to the WAN. The Direction drop-down
menu allows you to choose which direction the DFL-600 will filter packets
that meet the criteria of the policy rule.
Please Note: at the time of the writing of this manual, the Inbound direction
specification for Policy Rules only applies to the Application (ALGs) and
Virtual Servers that have been set up on the NAT page.
If, for example, you want to prevent the TELNET protocol from being used
to access PCs on your LAN from the Internet (WAN), your would specify
Inbound. If you want to prevent PCs on your LAN from using TELNET to
access PCs on the Internet (WAN), you would specify Outbound. Entering
two policy rules for inbound and outbound packets will totally eliminate a
given protocol from being used to across the DFL-600.
You can specify a range of TCP or UDP ports using the Port Range field.
Selecting Any will prevent any port from being used.
In addition, you can specify a range of IP addresses
− as either a source or a
destination
− that the policy rule will be applied to.
Once you have configured the policy rule and clicked on the Apply button,
the rule will be entered into the Service Rules table. If you need to change
the policy rule, click on the icon in the View field of the Service Rules table.
This will allow you to view and modify the rule’s configuration. To delete a
policy rule, click on the icon in the Del field.
Global Policy Status
Once you have configured the Policy Rules, you need to determine how the
DFL-600 will apply these rules to the packets that cross between your LAN
and the Internet (WAN). The Global Policy Status page enables you to
specify this.
“Default” on this page means “if no packets that meet the criteria established
in the policy rules, then ...” either “allow all” or “deny all”. On the Global