Siemens E-110 사용자 설명서
SIEMENS ADSL E-110_E-110-I user manual
Field
Description
Log Option
When Enabled is selected, a log entry will be created on the system each time
this rule is invoked.
Security Level
The security level that must be enabled globally for this rule to take affect. A rule
will be active only if its security level is the same as the globally configured setting
(shown on the main IP Filter page). For example, if the rule is set to Medium and
the global firewall level is set to medium, then the rule will be active; but if the
global firewall level is set to high or low, then the rule will be inactive.
Blacklist Status
Specifies whether or not a violation of this rule will result in the offending
computer's IP address being added to the Blacklist, which blocks the router from
forwarding packets from that source for a specified period of time.
Log Tag
A description of up to 16 characters to be recorded in the log in the event that a
packet violates this rule. Be sure to set the Log Option to Enable if you configure a
Log Tag.
Start/End Time
The time range during which this rule is to be in effect, specified in military units.
Src IP Address
IP address criteria for the source computer(s) from which the packet originates.
Use the following expression to specify IP:
any: any source IP address.
lt: less than
lteq: less than or equal to.
gt: greater than
eq: equal to
neq: not equal to
range: within the specified range, inclusive.
out of range: outside the specified range.
self: the IP address of the router interface on which this rule takes effect.
any: any source IP address.
lt: less than
lteq: less than or equal to.
gt: greater than
eq: equal to
neq: not equal to
range: within the specified range, inclusive.
out of range: outside the specified range.
self: the IP address of the router interface on which this rule takes effect.
Dest IP Address IP address rule criteria for the destination computer(s) (i.e., the IP address of the
computer to which the packet is being sent).
In addition to the options described for the Src IP Address field, the following
In addition to the options described for the Src IP Address field, the following
option is available:
bcast: Specifies that the rule will be invoked for any packets sent to the broadcast
address for the receiving interface. (The broadcast address is used to send packets
bcast: Specifies that the rule will be invoked for any packets sent to the broadcast
address for the receiving interface. (The broadcast address is used to send packets
to all hosts on the LAN or subnet connected to the specified interface.) When you
select this option, you do not need to specify the address, so the address fields
are dimmed.
Protocol
The basic IP protocol criteria that must be met for rule to be invoked. Using the
options in the drop-down list, you can specify that packets must contain the
options in the drop-down list, you can specify that packets must contain the
selected protocol (eq), that they must not contain the specified protocol (neq), or
that the rule can be invoked regardless of the protocol (any). TCP, UDP, and ICMP
are commonly IP protocols; others can be identified by number from 0 to 255, as
defined by IANA.
Apply Stateful
Inspectation
Inspectation
If this option is enabled, then stateful filtering is performed and the rule is also
applied in the other direction on the given interface during an IP session.
applied in the other direction on the given interface during an IP session.
Source Port
Port number criteria for the computer(s) from which the packet originates.
This field will be dimmed (unavailable for entry) if you have not specified a
This field will be dimmed (unavailable for entry) if you have not specified a
protocol criteria.
See the description of Src IP Address for the selection options.
See the description of Src IP Address for the selection options.
60
Rev:01_040220