![Dell SonicWALL GX250 Manual Download Page 89](http://html.mh-extra.com/html/dell/sonicwall-gx250/sonicwall-gx250_manual_81762089.webp)
SonicWALL Internet Security Appliance Guide Page 89
been updated, a message confirming the update is displayed at the bottom of the
browser window.
Understanding the Access Rule Hierarchy
The rule hierarchy has two basic concepts:
1. Specific rules override general rules.
•
An individual service is more specific than the Default service.
•
A single Ethernet link, such as LAN or WAN, is more specific than * (all).
•
A single IP address is more specific than an IP address range.
2. Equally specific
Deny
rules override
Allow
rules.
Rules are displayed in the
Current Network Access Rules
list from the most specific
to the least specific, and rules at the top override rules listed below. For example,
consider the section of the
Rules
window shown below.
The
Default Allow Rule
(#7) at the bottom of the page allows all traffic from the LAN
to the WAN. However, Rule #1 blocks IRC (Chat) traffic from a computer on the LAN
to a server on the WAN.
The
Default Deny Rule
(#6) blocks all traffic from the WAN to the LAN, however,
Rule #2 overrides this rule by allowing Web traffic from the WAN to the LAN.
Examples
The following examples illustrate methods for creating
Network Access Rules
.
Blocking LAN access for specific services
This example shows how to block LAN access to NNTP servers on the Internet
during business hours.
1. Click
Add New Rule
in the
Rules
window to launch the
Add Network
Access Rule
Web browser window.
integrated_manual.book Page 89 Wednesday, June 13, 2001 6:21 PM