D-Link DFL-260 Product Manual - Page 121
IP Rule Set Folders, Delete, Disable/Enable, Move options
UPC - 790069296802
View all D-Link DFL-260 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 121 highlights
3.5.5. IP Rule Set Folders Chapter 3. Fundamentals A context menu will appear with the following options: Edit Delete Disable/Enable Move options This allows the contents of the rule to be changed. This will remove the rule permanently from the rule set. This allows the rule to be disabled but left in the rule set. While disabled the rule set line will not affect traffic flow and will appear grayed out in the user interface. It can be re-enabled at any time. The last section of the context menu allows the rule to be moved to a different position in the rule set and therefore have a different precedence 3.5.5. IP Rule Set Folders In order to help organise large numbers of entries in IP rule sets, it is possible to create IP rule set folders. These folders are just like a folder in a computer's file system. They are created with a given name and can then be used to contain all the IP rules that are related together as a group. Using folders is simply a way for the administrator to conveniently divide up IP rule set entries and no special properties are given to entries in different folders. NetDefendOS continues to see all entries as though they were in a single set of IP rules. The folder concept is also used by NetDefendOS in the address book, where related IP address objects can be grouped together in administrator created folders. Example 3.16. Adding an Allow IP Rule This example shows how to create a simple Allow rule that will allow HTTP connections to be opened from the lannet network on the lan interface to any network (all-nets) on the wan interface. Command-Line Interface First, change the current category to be the main IP rule set: gw-world:/> cc IPRuleSet main Now, create the IP rule: gw-world:/main> add IPRule Action=Allow Service=http SourceInterface=lan SourceNetwork=lannet DestinationInterface=wan DestinationNetwork=all-nets Name=lan_http Return to the top level: gw-world:/main> cc Configuration changes must be saved by then issuing an activate followed by a commit command. Web Interface 1. Go to Rules > IP Rules > Add > IPRule 2. Specify a suitable name for the rule, for example LAN_HTTP 3. Now enter: • Name: A suitable name for the rule. For example lan_http • Action: Allow • Service: http 121