Lancom Systems LCOS 3.50 User Manual

LANCOM Reference Manual LCOS 3.50

̈

Chapter 8: Firewall

154

Fi

rew

a

ll

All Firewall actions are likewise displayed within the IP router trace
(’How to start a trace’

→

page 48). Furthermore, some LANCOM mod-

els have a Firewall LED, which signals each filtered packet.

The filter list

The filter list allows to examine filters generated by rules defined in the action,
object and rule table.

Please note that manually entered filter rules do not generate a fault
indication and also no error message. If you configure filters manually,
you should in each case examine on the basis of the filter list whether
the desired filters were generated or not.

Src-p

Source port of the filtered packet (only with port-related protocols)

Dst-p

Destination port of the filtered packet (only with port-related protocols)

Filter-Rule

Name of the rule, which has raised the entry.

Limit

Bit field, which describes the crossed limit, which has filtered the packet.
The following values are defined at present:
0x01 Absolute number
0x02 Number per second
0x04 Number per minute
0x08 Number per hour
0x10 Global limit
0x20 Byte limit (if not set, it concerns a packet-related limit)
0x40 Limit applies only in receiving direction
0x80 limit applies only in transmission direction

Threshold

Exceeded limit value of the trigger limit

Action

Bit field, which specifies all implemented actions. At present the following
values are defined:
0x00000001 Accept
0x00000100 Reject
0x00000200 Connect filter
0x00000400 Internet- (Default route-) filter
0x00000800 Drop
0x00001000 Disconnect
0x00004000 Block source address
0x00020000 Block destination address and port
0x20000000 Send SYSLOG notification
0x40000000 Send SNMP trap
0x80000000 Send email

Element

Element meaning