Tip: Address book object naming
The cOS Core address book is organized alphabetically so when choosing names for IP
address objects it is best to have the descriptive part of the name first. In this case, use
syslog_ip
as the name and not
ip_syslog
.
Allowing ICMP Ping Requests
As a further example of setting up IP rules, it can be very useful to allow ICMP
Ping
requests to
flow through the Clavister Security Gateway. As discussed earlier, the cOS Core will drop any
traffic unless an IP rule explicitly allows it. Let us suppose that we wish to allow the pinging of
external hosts with the ICMP protocol by computers on the internal
G1_net
network.
There can be several rule sets defined in cOS Core but there is only one rule set defined by
default and this is called
main
. To add a rule to it, first select Policies > Firewalling > Main IP
Rules.
The
main
rule set list contents are now displayed. Press the Add button and select IP Rule.
The properties for a new IP rule will appear and we can add a rule, in this case called
allow_ping_outbound
.
Chapter 4: cOS Core Configuration
49
Содержание Eagle E20
Страница 10: ...Chapter 1 E20 Product Overview 10 ...
Страница 25: ...Chapter 3 E20 Installation 25 ...
Страница 67: ...Chapter 4 cOS Core Configuration 67 ...
Страница 76: ...Clavister AB Sjögatan 6J SE 89160 Örnsköldsvik SWEDEN Phone 46 660 299200 www clavister com ...