V7122 Gateway User Guide
355
Rule #22: traffic from the subnet 10.4.xxx.yyy destined to ports 4000 to 9000 is always
blocked, regardless of protocol.
All other traffic is allowed.
More complex rules may be defined, relying on the ‘single-match’ process described above.
Figure 117
shows an advanced example of an access list definition using
ini
file:
Figure 117
Advanced Example of an Access List Definition using
ini
File
[ ACCESSLIST ]
FORMAT AccessList_Index = AccessList_Source_IP, AccessList_Net_Mask,
AccessList_Start_Port, AccessList_End_Port, AccessList_Protocol,
AccessList_Packet_Size, AccessList_Byte_Rate, AccessList_Byte_Burst,
AccessList_Allow_Type;
AccessList 10 = 10.0.0.0, 255.0.0.0, 0, 65535, any, 0, 40000, 50000, allow ;
AccessList 15 = 10.31.4.0, 255.255.255.0, 4000, 9000, any, 0, 0, 0, allow ;
AccessList 20 = 0.0.0.0, 0.0.0.0, 0, 65535, any, 0, 0, 0, block;
[ \ACCESSLIST ]
Explanation of the example access list:
This access list consists of three rules:
Rule #10: traffic from the subnet 10.xxx.yyy.zzz is allowed if the traffic rate does not
exceed 40 KB/s.
Rule #15: if a packet didn't match rule #10, that is, the excess traffic is over 40 KB/s, and
coming from the subnet 10.31.4.xxx to ports 4000 to 9000, then it is allowed.
Rule #20: all other traffic (which didn't match the previous rules), is blocked.
The internal firewall can also be configured using the Embedded Web Server (see
Configuring the Firewall Settings
).
Network Port Usage
The following table lists the default TCP/UDP network port numbers used by the gateway.
Where relevant, the table lists the
ini
file parameters that control the port usage and provide
source IP address filtering capabilities.
Table 72
Default TCP/UDP Network Port Numbers
Port Number Peer Port
Application
Notes
2 2
Debugging
interface
Always
ignored
23 - Telnet
Disabled by default (TelnetServerEnable).
Configurable (TelnetServerPort), access
controlled by WebAccessList
Содержание VCX V7122
Страница 28: ...28 V7122 GatewayUser Guide ...
Страница 39: ...V7122 Gateway User Guide 39 Reader s Notes ...
Страница 40: ...40 V7122 GatewayUser Guide ...
Страница 58: ...58 V7122 GatewayUser Guide Reader s Notes ...
Страница 66: ...66 V7122 GatewayUser Guide Reader s Notes ...
Страница 144: ...144 V7122 GatewayUser Guide Reader s Notes ...
Страница 239: ...V7122 Gateway User Guide 239 Reader s Notes ...
Страница 240: ...240 V7122 GatewayUser Guide ...
Страница 246: ...246 V7122 GatewayUser Guide Reader s Notes ...
Страница 270: ...270 V7122 GatewayUser Guide Reader s Notes ...
Страница 287: ...V7122 Gateway User Guide 287 Reader s Notes ...
Страница 288: ...288 V7122 GatewayUser Guide ...
Страница 294: ...294 V7122 GatewayUser Guide Reader s Notes ...
Страница 300: ...300 V7122 GatewayUser Guide Figure 88 Gateway s Startup Process ...
Страница 315: ...V7122 Gateway User Guide 315 Reader s Notes ...
Страница 316: ...316 V7122 GatewayUser Guide ...
Страница 332: ...332 V7122 GatewayUser Guide Reader s Notes ...
Страница 358: ...358 V7122 GatewayUser Guide Reader s Notes ...
Страница 362: ...362 V7122 GatewayUser Guide Reader s Notes ...
Страница 389: ...V7122 Gateway User Guide 389 Reader s Notes ...
Страница 390: ...390 V7122 GatewayUser Guide ...
Страница 398: ...398 V7122 GatewayUser Guide Reader s Notes ...
Страница 406: ...406 V7122 GatewayUser Guide Reader s Notes ...
Страница 408: ...408 V7122 GatewayUser Guide Reader s Notes ...
Страница 409: ...V7122 Gateway User Guide 409 ...
Страница 419: ...V7122 Gateway User Guide 419 Reader s Notes ...
Страница 437: ...V7122 Gateway User Guide 437 Reader s Notes ...
Страница 452: ...452 V7122 GatewayUser Guide Figure 137 UDP2File Utility ...
Страница 453: ...V7122 Gateway User Guide 453 Reader s Notes ...
Страница 459: ...V7122 Gateway User Guide 459 Reader s Notes ...
Страница 475: ...V7122 Gateway User Guide 475 ...