Rules
New Flow rule items can be added.
Flow rule
Flow rules defined how network traffic flows through the device.
- Rejection - The response to send on packets rejection.
- Input matches - Flow matches packets on these inputs.
- Filter packets - Packet filter list.
- Output interfaces - Send packets that match the input interfaces and filter rules to these output interfaces and zones.
- Modify packet on output - Make changes to packets on output.
Properties
Enable
Enable this flow rule.
- Data type: boolean
- Default:
true - Configuration
CLI: (cli)> config network flow rule <key> enable
Label
The label used to describe and locate this flow rule.
- Data type: string
- Configuration
- Optional
CLI: (cli)> config network flow rule <key> label
Priority
The priority for this flow rule.
- Data type: integer
- Default:
0 - Configuration
- Required
CLI: (cli)> config network flow rule <key> priority
Packet origin
The source or packets this rule applies to.
| Option | Label | Description |
|---|---|---|
remote | Remote hosts | This flow applies to packets from remote hosts. |
local | Sent by local services | This flow applies to packets from the local host. |
- Data type: string select
- Default:
remote - Configuration
- Required
CLI: (cli)> config network flow rule <key> origin
Action
The action to take on packets matching this flow rule.
| Option | Label | Description |
|---|---|---|
forward | Forward | Packets matching this flow rule will be forwarded. |
drop | Drop | Packets matching this flow rule will be dropped. |
reject | Reject | Packets matching this flow rule will be rejected. |
local | Receive by local service | Allow traffic to flow to a local service. |
- Data type: string select
- Configuration
- Required
CLI: (cli)> config network flow rule <key> action
Local service
The local service that terminates the network traffic.
- Data type: reference path
- References instances of: Network / ip / Listening sockets
- Configuration
- Required
CLI: (cli)> config network flow rule <key> local