Configure security settings
Firewall
Digi TransPort WR Routers User Guide
695
[proto]
The protocol to match. Specify using the
proto
keyword followed by one of the following
protocol identifiers:
The
[proto]
field is also important when stateful inspection is enabled for a rule (using the
[inspect-state]
field), as it describes the protocol to inspect (see
[inspect-state]
below).
[dnslist]
Match packets containing DNS names in a given
dnslist
. Following
dnslist
, there must be a
name of a DNS list as specified by the
#dns
command. For example, consider the following DNS
list:
#dns gglist www.Digi.co.*,www.*.co.nz
The following firewall rule blocks all DNS lockups to DNS names matching the above list:
block out break end on ppp 1 proto udp dnslist gglist from any to
any port=dns
[ip-range]
The range of IP addresses and ports to match upon and may be specified in one of several ways.
The basic syntax is:
ip-range=“all” | “from” ip-object “to” ip-object [flags] [icmp]
where
ip-object
is an IP address specification. For full details of the syntax with examples, see
Specifying IP addresses and ranges
.
[inspect-state]
Creates rules for stateful inspection. This is a powerful option in which the firewall script
includes rules that allow the router to keep track of a TCP/UDP or ICMP session and therefore to
only pass packets that match the state of a connection.
Additionally, the
[inspect state]
field can specify an optional OOS (Out Of Service) parameter.
This parameter allows the router to mark any route as being out-of-service for a given period of
time in the event that the stateful inspect engine has detected an error.
A full description of how the
[inspect state]
field works is given below under the heading
Stateful Inspection Settings parameters
.
Identifier
Meaning
udp
UDP packet
tcp
TCP packet
ftp
FTP packets regardless of port number
icmp
ICMP packet
decimal number
decimal number matched to protocol type in IP header
Summary of Contents for TransPort WR11
Page 1: ...User Guide Digi TransPort WR Routers ...
Page 650: ...Configure system settings NTP parameters Digi TransPort WR Routers User Guide 650 ...
Page 661: ...Configure system settings General system parameters Digi TransPort WR Routers User Guide 661 ...
Page 662: ...Configure system settings General system parameters Digi TransPort WR Routers User Guide 662 ...
Page 663: ...Configure system settings General system parameters Digi TransPort WR Routers User Guide 663 ...
Page 682: ...Configure Remote Management SNMP parameters Digi TransPort WR Routers User Guide 679 ...
Page 683: ...Configure Remote Management SNMP parameters Digi TransPort WR Routers User Guide 680 ...
Page 813: ...Manage networks and connections Top Talkers Digi TransPort WR Routers User Guide 808 ...
Page 814: ...Manage networks and connections Top Talkers Digi TransPort WR Routers User Guide 809 ...
Page 815: ...Manage networks and connections Top Talkers Digi TransPort WR Routers User Guide 810 ...
Page 816: ...Manage networks and connections Top Talkers Digi TransPort WR Routers User Guide 811 ...
Page 817: ...Manage networks and connections Top Talkers Digi TransPort WR Routers User Guide 812 ...
Page 818: ...Manage networks and connections Top Talkers Digi TransPort WR Routers User Guide 813 ...
Page 855: ...Device administration Reboot the router Digi TransPort WR Routers User Guide 844 ...