12.1. Using Filter Rules


12.1.1. Reference to Filter Rules

This describes the procedures to find information on vFirewall filter rules.
1. Click [1] frorm the Manage Enterprise Cloud screen.

../../_images/image255.png
2. Click the interface that you want to find from the Manage vFirewall screen (filter type).
(For this example, click [2] to see interface [inet].)
../../_images/image256.png
3. The filter rules for each interface will appear. Please check the content for each item from the chart below (information found on Filter Rules tabs).
../../_images/image257.png
* Information on filter rule tabs.
Item Content
a The priority of this filter rule (applied by ascending order for figures from 101 and above)
b The identifier for this filter rule
c The sending IP address of this filter rule
d The sending service of this filter service
e The receiving IP address of this filter rule
f The receiving service of this filter rule
g The allow and deny of the communications for this filter rule
h Whether this filter rule is valid and invalid

12.1.2. Adding Filter Rules

This describes the procedures to find information on adding vFirewall filter rules.
1. Click the interface you want to add to the rule from the vFirewall management screen (filter rule tab).
(For this example, click [1] as we want to add the communication rule from the internet, the interface will be [inet].)
../../_images/image258.png
2. Click [2] after the existing filter rules of each interface appears.
../../_images/image259.png
3. Click [3] after entering the required parameters. *Please check the below chart (input rules for the Add Filter Rules screen)<Label_11_1_2_PRO3>` on input rules for each item.
../../_images/image260.png
* Input rules for additional filter rule screen
Item Input Column Content Required or Optional Input Conditions
a Text box Enter the identifier name of the file rule Required Up to 40 characters however input one-byte characters only.
b Text box Enter the adaptation priorities of the filter rule Required
  • Can input only 101 one-byte characters.
  • Applied to figures in ascending order.
c Pull down Select the sending IP address Required
  • Can select from registered IP address objects and IP address group.
  • Must set up an IP address object beforehand when setting the non-registered IP address to the IP address object.
  • Select ‘Any’ when there is no particular setting required (set up using the sending IP address).
d Pull down Select the sending service Required
  • Can select from registered sever objects and service groups.
  • Must register service object beforehand when setting non-registered ports and ICMP Type to service objects.
  • Select ‘Any’ when there is no particular setting required (set up using the sending IP address).
e Pull down Select the receiving IP address Required
  • Can select from registered IP address objects and IP address groups.
  • Must set up an IP address object beforehand when setting the non-registered IP address to the IP address object.
  • Select ‘Any’ when there is no particular setting required (set up using the sending IP address).
f Pull down Select the receiving service Required
  • Can select from the registered service object and service groups.
  • Must register the service object beforehand when setting non-registered port and ICMP Type to service object.
  • Select ‘Any’ when there is no particular setting required (set up using the receiving IP address).
g Check box Select the valid and invalid filter rules Optional None
h Pull down Select the communication allow or deny filter rules Optional None

12.1.3. Editing Filter Rules

This describes the procedures to find information on editing vFirewall filter rules.
1. Click the interface you want to edit from the vFirewall management screen (filter rule tab).
(For this example, click [1] to edit the communication rule from the internet and add interface [inet] to the rules.)
../../_images/image261.png
2. Click [2] after the existing filter rules of each interface appears.
../../_images/image262.png
3. Click [3] after entering the required parameters. *Please refer to ‘11.1.2.Adding filter rules Procedure 3.*Input rules on adding filter rules‘ for input rules on each item.
../../_images/image263.png

12.1.4. Deleting Filter Rules

This describes the procedures to find information on deleting vFirewall filter rules.
1. Click the interface that has the filter rule you want to delete from the Manage vFirewall screen (Filter Rules tab).
(For this example, click [1] as we want to delete the communication rule from the Internet, the editing interface is [inet].)
../../_images/image264.png
2. Click [2] after the existing filter rules of each interface appears.
../../_images/image265.png
3. A warning screen will appear. Click [3] after checking the warning screen.
../../_images/image266.png
4. Click [4] after checking that the filter rule has been deleted.
../../_images/image267.png
5. The task management screen will appear. Click [5] after checking that the task status is ‘complete’ to finalize the procedure.
../../_images/image268.png
6. Click [6] to see and check more detailed information of the task.
../../_images/image269.png