Chapter 7 Firewalls
P-660R-F1 Series User’s Guide
91
Click Security > Firewall > Rules to bring up the following screen. This screen displays a list of the configured firewall rules. Note the order in which the rules are listed.
Figure 55 Security > Firewall > Rules
The following table describes the labels in this screen.
Table 32 Security > Firewall > Rules
LABEL | DESCRIPTION
Firewall Rules Storage Space in Use | This read-only bar shows how much of the ZyXEL Device's memory for recording firewall rules it is currently using. When you are using 80% or less of the storage space, the bar is green. When the amount of space used is over 80%, the bar is red.
Packet Direction | Use the drop-down list box to select a direction of travel of packets for which you want to configure firewall rules.
Create a new rule after rule number | Select an index number and click Add to add a new firewall rule after the selected index number. For example, if you select “6”, your new rule becomes number 7 and the previous rule 7 (if there is one) becomes rule 8.
The following read-only fields summarize the rules you have created that apply to traffic traveling in the selected packet direction. The firewall rules that you configure (summarized below) take priority over the general firewall action settings in the General screen.
# | This is your firewall rule number. The ordering of your rules is important as rules are applied in turn.
Active | This field displays whether a firewall is turned on or not. Select the check box to enable the rule. Clear the check box to disable the rule.
Source IP | This drop-down list box displays the source addresses or ranges of addresses to which this firewall rule applies. Please note that a blank source or destination address is equivalent to Any.
Destination IP | This drop-down list box displays the destination addresses or ranges of addresses to which this firewall rule applies. Please note that a blank source or destination address is equivalent to Any.
Service | This drop-down list box displays the services to which this firewall rule applies.
Action | This field displays whether the firewall silently discards packets (Drop), discards packets and sends a TCP reset packet or an ICMP destination-unreachable message to the sender (Reject) or allows the passage of packets (Permit).
Schedule | This field tells you whether a schedule is specified (Yes) or not (No).
Log | This field shows you whether a log is created when packets match this rule (Yes) or not (No).
Modify | Click the Edit icon to go to the screen where you can edit the rule. Click the Remove icon to delete an existing firewall rule. A window displays asking you to confirm that you want to delete the firewall rule. Note that subsequent firewall rules move up by one when you take this action.
Order | Click the Move icon to display the Move the rule to field. Type a number in the Move the rule to field and click the Move button to move the rule to the number that you typed. The ordering of your rules is important as they are applied in order of their numbering.
Apply | Click this to save your changes.
Cancel | Click this to restore your previously saved settings.
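Because rules are applied in order of their numbering, a broad rule placed above a narrower one with a different action can keep the narrower rule from ever taking effect. The following check is an added example, not code from the guide or from ZyXEL: it models the rule list, the "add after rule number" and "move the rule to" renumbering described in the table, and flags shadowed rules. It assumes the first matching rule decides the action (the guide says only that rules are applied in turn); the service names and addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass

# Assumption: the first matching rule decides the action (first-match evaluation).
ANY = ipaddress.ip_network("0.0.0.0/0")  # a blank address field is equivalent to Any

@dataclass
class Rule:
    action: str          # "Drop", "Reject" or "Permit"
    services: tuple      # names from the Selected Services box (constructed here)
    src: str = ""        # blank = Any, otherwise a subnet in CIDR notation
    dst: str = ""
    active: bool = True

def _net(field):
    return ipaddress.ip_network(field) if field else ANY

def covers(earlier, later):
    """True if every packet that matches `later` also matches `earlier`."""
    return (_net(later.src).subnet_of(_net(earlier.src))
            and _net(later.dst).subnet_of(_net(earlier.dst))
            and set(later.services) <= set(earlier.services))

def insert_after(rules, number, rule):
    """'Create a new rule after rule number': selecting 6 makes the new rule 7."""
    rules.insert(number, rule)  # list index `number` holds rule number + 1

def move_rule(rules, from_no, to_no):
    """The Order column's 'Move the rule to' field, with 1-based rule numbers."""
    rules.insert(to_no - 1, rules.pop(from_no - 1))

def shadowed(rules):
    """(later_no, earlier_no) pairs: an earlier active rule with a different
    action matches everything the later rule matches, so the later one never applies."""
    found = []
    for j, later in enumerate(rules):
        for i, earlier in enumerate(rules[:j]):
            if (later.active and earlier.active
                    and earlier.action != later.action and covers(earlier, later)):
                found.append((j + 1, i + 1))
                break
    return found

if __name__ == "__main__":
    # Constructed rule set: a broad Permit sits above a narrower Drop.
    rules = [Rule("Permit", ("HTTP", "TELNET"), src="192.168.1.0/24"),
             Rule("Drop", ("TELNET",), src="192.168.1.33/32")]
    print(shadowed(rules))      # rule 2 is shadowed by rule 1
    move_rule(rules, 2, 1)      # put the narrower Drop first
    print(shadowed(rules))
```

Running the same check after every add, remove or move catches rules that the renumbering has pushed below a broader rule.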
7.3.1 Configuring Firewall Rules
Use this screen to configure firewall rules. In the Rules screen, select an index number and click Add or click a rule’s Edit icon to display this screen and refer to the following table for information on the labels.
Figure 56 Security > Firewall > Rules: Edit
The following table describes the labels in this screen.
Table 33 Security > Firewall > Rules: Edit
LABEL | DESCRIPTION
Edit Rule
Active | Select this option to enable this firewall rule.
Action for Matched Packet | Use the drop-down list box to select whether to discard (Drop), deny and send an ICMP destination-unreachable message to the sender of (Reject) or allow the passage of (Permit) packets that match this rule.
Source/Destination Address
Address Type | Do you want your rule to apply to packets with a particular (single) IP, a range of IP addresses (for instance, 192.168.1.10 to 192.169.1.50), a subnet or any IP address? Select an option from the drop-down list box that includes: Single Address, Range Address, Subnet Address and Any Address.
Start IP Address | Enter the single IP address or the starting IP address in a range here.
End IP Address | Enter the ending IP address in a range here.
Subnet Mask | Enter the subnet mask here, if applicable.
Add >> | Click Add >> to add a new address to the Source or Destination Address box. You can add multiple addresses, ranges of addresses, and/or subnets.
Edit << | To edit an existing source or destination address, select it from the box and click Edit <<.
Delete | Highlight an existing source or destination address from the Source or Destination Address box above and click Delete to remove it.
Services
Available/ Selected Services | Highlight a service from the Available Services box on the left, then click Add >> to add it to the Selected Services box on the right. To remove a service, highlight it in the Selected Services box on the right, then click Remove.
Edit Customized Service | Click the Edit Customized Services link to bring up the screen that you use to configure a new custom service that is not in the predefined list of services.
Schedule
Day to Apply | Select everyday or the day(s) of the week to apply the rule.
Time of Day to Apply (24-Hour Format) | Select All Day or enter the start and end times in the hour-minute format to apply the rule.
Log
Log Packet Detail Information | This field determines if a log for packets that match the rule is created or not. Go to the Log Settings page and select the Access Control logs category to have the ZyXEL Device record these logs.
Alert
Send Alert Message to Administrator When Matched | Select the check box to have the ZyXEL Device generate an alert when the rule is matched.
Back | Click this to return to the previous screen without saving.
Apply | Click this to save your changes.
Cancel | Click this to restore your previously saved settings.
7.3.2 Customized Services
Configure customized services and port numbers not predefined by the ZyXEL Device. For a comprehensive list of port numbers and services, visit the IANA (Internet Assigned Numbers Authority) website. Click the Edit Customized Services link while editing a firewall rule to configure a custom service port. This displays the following screen.
Figure 57 Security > Firewall > Rules: Edit: Edit Customized Services
The following table describes the labels in this screen.
Table 34 Security > Firewall > Rules: Edit: Edit Customized Services
LABEL | DESCRIPTION
No. | This is the number of your customized port. Click a rule’s number of a service to go to the Firewall Customized Services Config screen to configure or edit a customized service.
Name | This is the name of your customized service.
Protocol | This shows the IP protocol (TCP, UDP or TCP/UDP) that defines your customized service.
Port | This is the port number or range that defines your customized service.
Back | Click this to return to the Firewall Edit Rule screen.
7.3.3 Configuring a Customized Service
Use this screen to add a customized rule or edit an existing rule. Click a rule number in the Firewall Customized Services screen to display the following screen.
Figure 58 Security > Firewall > Rules: Edit: Edit Customized Services: Config
