2.8.10.1.2 Description

Objects can be combined and hierarchically structured in any way. For example, objects for the TCP and UDP protocols can be defined first. Building upon this, objects can subsequently be created, for example, for FTP (= TCP + ports 20 and 21), HTTP (= TCP + port 80) and DNS (= TCP, UDP + port 53). These can in turn be combined into one object that contains all the definitions of the individual objects.

Stations and services can be defined in the objects table according to the following rules.

Table 1. Objects for firewall actions
Description	Object-ID	Examples and comments
Local network	`%L`
Remote sites	`%H`	Name must be in DSL/ISDN/PPTP or VPN remote site list
Host name	`%D`
MAC-Address	`%E`	`00:A0:57:01:02:03`
IP-Address	`%A`	`%A10.0.0.1, 10.0.0.2`; `%A0` (all addresses)
Netmask	`%M`	`%M255.255.255.0`
Protocol (TCP/UDP/ICMP, etc.)	`%P`	`%P6` (for TCP)
Service (port)	`%S`	`%S20-25` (for ports 20 to 25)
LANCOM Trusted Access	`%g`	Note: The UUID for objects of the LANCOM Trusted Access must meet the following criteria: They may only contain hexadecimal numbers ('0'…'9', 'a'…'f', 'A'…'F') and the minus sign ('-'). The minus may only be at propositions 8, 13, 18 and 23 The minus character must appear 4 times in total The UUID must be at least 36 characters long Example: 550e8400-e29b-11d4-a716-446655440000

Note: Definitions of the same type can be created as comma-separated lists, such as host lists/address lists (%A10.0.0.1, 10.0.0.2) or with ranges separated by hyphens, such as port lists (%S20-25). Specifying "0" or an empty string denotes the Any object.

Note: For configuration from the CLI (Telnet or terminal application), the combined parameters (port, destination, source) must be enclosed with quotation marks ( ").

SNMP ID:

2.8.10.1.2

Console path:

Setup > IP-Router > Firewall > Objects

Possible values:

Max. 64 characters from [A-Z][a-z][0-9]#@{|}~!$%&'()*+-,/:;<=>?[\]^_. `

Default:

empty