Alcatel-Lucent speedtouch 500 사용자 설명서
174
Firewall Commands
firewall assign
Assign a chain to an entry point. An entry point, also referred to as hook or a Packet Interception Point (PIP), is the
location where packets are intercepted to be compared against a chain of rules
location where packets are intercepted to be compared against a chain of rules
SYNTAX:
EXAMPLE:
firewall assign
hook = <{input|sink|forward|source|output}>
chain = <string>
chain = <string>
hook
The name of the entry point to which a chain must be assigned.
Choose between:
Choose between:
•
input: The point off all incoming traffic.
At this point it can be determined whether the packet is
allowed to reach the SpeedTouch™ IP router or local host.
At this point it can be determined whether the packet is
allowed to reach the SpeedTouch™ IP router or local host.
•
sink: The point off all traffic destined to the SpeedTouch™ IP
router itself.
At this point it can be determined whether the packet is
allowed to address the local host.
router itself.
At this point it can be determined whether the packet is
allowed to address the local host.
•
forward: The point off all traffic to be forwarded by the Speed-
Touch™ IP router.
At this point it can be determined whether the packet is
allowed to be handled, i.e. routed.
Touch™ IP router.
At this point it can be determined whether the packet is
allowed to be handled, i.e. routed.
•
source: The point off all traffic sourced by the SpeedTouch™ IP
router.
At this point it can be determined whether the packet is
allowed to leave the local host.
router.
At this point it can be determined whether the packet is
allowed to leave the local host.
•
output: The point off all outgoing traffic.
At this point it can be determined whether the packet is
allowed to leave the SpeedTouch™ IP router or local host.
At this point it can be determined whether the packet is
allowed to leave the SpeedTouch™ IP router or local host.
REQUIRED
chain
The name of the chain to use.
REQUIRED
=>firewall list
assign
assign
hook=sink
chain=sink
assign
hook=forward
chain=forward
assign
hook=source
chain=source
=>firewall chain create chain Telnet
=>firewall assign hook=sink chain=Telnet
=>firewall list
assign
=>firewall assign hook=sink chain=Telnet
=>firewall list
assign
hook=sink
chain=Telnet
assign
hook=forward
chain=forward
assign
hook=source
chain=source
=>