Sena Parani-MSP1000, Руководство пользователя

Страница: 21 / 49

21
logging .
3.4. Firewall Configuration
The Parani-MSP1000 prevents unauthorized access using an IP address based filtering method. The
users can allow one of the following scenarios by changing the parameter settings:
- Any host cannot access a specific service of the Parani-MSP1000
- Only one host of a specific IP address can access a specific service of the Parani-MSP1000
- Hosts on a specific subnet can access a specific service of the Parani-MSP1000
- Any host can access a specific service of the Parani-MSP1000
The firewall feature is intended to control access to Telnet console, SSH console, Web server or each
Serial Port Profile session, which may be enabled or disabled. The factory default of the firwall feature
is “All services and ports are accessible from any host”.
The meanings of each parameter in IP filtering configuration are as follows,
z
Interface
Apply IP filtering rule to the incoming packet of Parani-MSP1000. This is configurable one of
eth0 or pan0.
z
Option and IP address/mask
Input field to describe a specific range of host on the network. The user may allow a host or a
group of hosts to access the Parani-MSP1000. The user must then enter the IP address and
subnet of access. Any user on a remote host must stay in the specified subnet boundary to
access the Parani-MSP1000. To allow only a specific host to access the Parani-MSP1000,
enter the IP address of the specific host and just give 255.255.255.255 for the subnet with
Normal option. To allow any hosts to have access to the Parani-MSP1000, give 0.0.0.0 for both
of the IP address and subnet with Normal option also. Refer to Table 3-2 for more details.
z
Port
The TCP port number to which will be applied to the firewall rule. User can select one of
23(Telnet), 22(SSH), 80(HTTP), 443(HTTPS) or each Serial Port Profile session.
z
Chain rule
Set the basic rule for the host to access the Parani-MSP1000 as one of Accept, Drop or Reject.