D-Link DFL-2500 User Manual

CLI
Create IDP Rule:

gw-world:/> add IDPRule Service=smtp SourceInterface=wan SourceNetwork=wannet

DestinationInterface=dmz DestinationNetwork=ip_mailserver
Name=IDPMailSrvRule

Create IDP Action:

gw-world:/> cc IDPRule IDPMailSrvRule

gw-world:/IDPMailSrvRule> add IDPRuleAction Action=Protect

IDPServity=All Signatures=IPS_MAIL_SMTP

Web Interface

Create IDP Rule:

This IDP rule will be called IDPMailSrvRule, and applies to the SMTP service. Source Interface and Source
Network define where traffic is coming from, in this example the external network. The Destination Interface and
Destination Network define where traffic is directed to, in this case the mail server. Destination Network should
therefore be set to the object defining the mail server.

1.

Go to IDP > IDP Rules > Add > IDP Rule

2.

Now enter:

•

Name: IDPMailSrvRule

•

Service: smtp

•

Also inspect dropped packets: In case all traffic matching this rule should be scanned (this also means
traffic that the main rule set would drop), the "Also inspect dropped packets" checkbox should be
checked, which is the case in this example.

•

Source Interface: wan

•

Source Network: wannet

•

Destination Interface: dmz

•

Destination Network: ip_mailserver

•

Click OK

If logging of intrusion attempts is desired, this can be configured in the Log Settings tab.

Create IDP Action:

6.5.8. SMTP Log Receiver for IDP
Events

Chapter 6. Security Mechanisms

196