Справочник Пользователя для Alcatel-Lucent speedtouch 500

Firewall Commands

firewall assign

Assign a chain to an entry point. An entry point, also referred to as hook or a Packet Interception Point (PIP), is the 
location where packets are intercepted to be compared against a chain of rules

SYNTAX:

EXAMPLE:

firewall assign

hook = <{input|sink|forward|source|output}>
chain = <string>

hook

The name of the entry point to which a chain must be assigned.
Choose between:

•

input: The point off all incoming traffic. 
At this point it can be determined whether the packet is 
allowed to reach the SpeedTouch™ IP router or local host.

•

sink: The point off all traffic destined to the SpeedTouch™ IP 
router itself. 
At this point it can be determined whether the packet is 
allowed to address the local host.

•

forward: The point off all traffic to be forwarded by the Speed-
Touch™ IP router. 
At this point it can be determined whether the packet is 
allowed to be handled, i.e. routed.

•

source: The point off all traffic sourced by the SpeedTouch™ IP 
router.
At this point it can be determined whether the packet is 
allowed to leave the local host.

•

output: The point off all outgoing traffic.
At this point it can be determined whether the packet is 
allowed to leave the SpeedTouch™ IP router or local host.

REQUIRED

chain

The name of the chain to use.

REQUIRED

=>firewall list
assign

hook=sink

chain=sink

assign

hook=forward

chain=forward

assign

hook=source

chain=source

=>firewall chain create chain Telnet
=>firewall assign hook=sink chain=Telnet
=>firewall list
assign

hook=sink

chain=Telnet

assign

hook=forward

chain=forward

assign

hook=source

chain=source

=>