A firewall rule is first determined by its name and a few other options:
- On/off switch: Is the rule enabled?
- Observe further rules: Should further firewall rules be observed if this rule applies to a data packet? Observe further rules
- Priority: Which priority does the rule have? Priority
- Source tag: Using a source tag you add the source network where the device applies the firewall rule to the routing tag. Enter the source tag in order to uniquely specify the relationship between the source and destination hosts in ARF contexts: The device only forwards data packets to an ARF network when they originate from hosts in an ARF network with the specified source tag.
- Routing tag: By using the routing tag, additional information obtained via the destination IP addresses, such as the service or protocol used, can be used to select the destination route. The policy-based routing implemented in this way is used to achieve a significantly finer-grained routing behavior.
Note: The routing tag 0 means 'do not mark'. If the device is to route data packets to a network tagged with 0, please enter 65535 here.
