In the actions table, firewall actions are combined as any combination of conditions, limits, packet actions and other measures.
A firewall action comprises of a condition, a limit, a packet action and other measures. In the actions table, firewall actions are made up of combinations of any of the following elements:
- SNMP ID:
- 2.8.10.4.2
- Console path:
- Setup > IP-Router > Firewall > Actions
- Possible values:
- Conditions
-
Table 1. Conditions for firewall actions Condition Description Object-ID Connect filter The filter is active if there is no physical connection to the destination of the packet @c DiffServ filter The filter is active if the packet contains the specified Differentiated Services Code Point (DSCP) @d Internet-Filter The filter is active if the packet was received, or is to be sent, via the default route @i VPN-Filter The filter is active if the packet was received, or is to be sent, via a VPN connection @v Note: If no further action is specified for the "Connect" or "Internet" filter, a combination of these filters is implicitly adopted with the "Reject" action. - Limits
- Each firewall action can be associated with a limit, which triggers the action if it is exceeded. Action chains can be formed by
combining multiple limits for a filter Limit objects are generally initiated with %L followed by:
Table 2. Limit objects for firewall actions Relation Connection-related (c) or global (g) Type Data rate (d), number of packets (p), or packet rate (b) Limit value The filter is active if the packet was received, or is to be sent, via the default route Other parameters e.g. time and size