Copyright © 2013 Weidmüller Interface GmbH & Co. KG
63 / 103
All rights reserved. Reproduction without permission is prohibited.
5. Step-by-step description of creating a new packet filter (firewall rules) to prohibit
ping requests from devices of network 2 to devices B and C of network 1
General description of the Packet filter
The feature „Packet filter“ can be used to create firewall rules for IP address (Layer 3) and MAC address level ( Layer 2).
The packet filter is organized hierachical by using
rule-sets
which contains several single
rules
.
To define new firewall rules you first have to create a rule-set or you have to add the rule to an existing rule-set. A rule-
set can contain up to 10 firewall rules.
The manner how to configure rule-sets or rules is the same for Layer 2 and Layer 3 packet filters. All created rule-sets
are displayed in menu windows „Packet filter“. By clicking on the triangle icon (►) on the left side of a displayed rule-set
the belonging rules additionally will be displayed.
By default the Router contains 1
rule-set
called
Allow_L3*
which is acting as a general permission to allow inbound and
outbound traffic without any limitation.
Application method of defined rule-sets
Several configured rule-sets will be applicated top-down. That means every data traffic will first be checked by the top-
most displayed rule-set with its containing rules.
If a defined rule match the inspected data the filter rule will be applicated. After that the packet filter function immediately
will be left and no further defined rules and rule-sets will be applied.
If a defined rule do
not
match the inspected data the current filter rule will be skipped and the data will be checked by the
next filter rule (from top to down). This method will be conducted step-by-step with each defined rule-set (and belonging
rules) until a valid rule will be found and applied or no further rule exists.
6. Setup the firewall rules
► Select menu Configuration
Packet filter
Tab “Layer 3”
Figure A3-5
: Menu
Packet filter (Tab Layer 3)
showing the factory default settings
► Click on the icon
+
(right side of line “Add a new rule set”) to create a new rule-set and follow the below described
steps (Figure 5)