Traffic Rules
Traffic rules are essential for managing network traffic in a secure and efficient manner. They define how data packets are handled as they pass through the WP500 device. By setting traffic rules, you can allow or block specific types of network traffic based on criteria such as IP addresses, MAC addresses, ports, and protocols. This ensures that only authorized communications occur within your network, providing enhanced security and traffic control.
Configure Traffic Rules in WP500
The WP500 product offers both basic and user configurations for setting up traffic rules. Here's how to configure them:
General Setting
- Choose between LAN0, LAN1, and LAN2 to configure the appropriate interface.
- Configure the handling of invalid packets by selecting options such as DROP to reject them or ACCEPT if you want to allow only valid packets
Basic Configuration
Basic configuration allows you to define standard traffic rules that control incoming and outgoing traffic based on predefined settings.
- Added Rules:
|
Field |
Description |
|
Direction |
Shows the direction of traffic (e.g., ingress, egress) |
|
LAN Type |
Shows the LAN type (e.g., lan0). |
|
Protocol |
shows the protocol (e.g., TCP). |
|
Port |
Specify the destination port (e.g., 443 for SSL/TCP) |
|
Action |
Action to take, such as ACCEPT or DROP the traffic |
- click on the Update button to save and enforce the new traffic rules.
This configuration is essential for allowing or blocking traffic through selected ports and protocols such as SSL (port 443), Straton (port 1200), Modbus (port 502), SSH (port 22), and SMTP (port 25). These rules will be added by default under LAN0.
User Configuration
User configuration allows you to create custom traffic rules based on more specific criteria, such as IP addresses, MAC addresses, and port ranges.
- Begin by clicking on the User Configuration tab to switch to the custom rule configuration screen.
- Define Rule Parameters:
|
Field |
Description |
|
Name |
Assign a name to your rule |
|
Protocol |
Choose the protocol (e.g., TCP, UDP) |
|
From/To IP/MAC Address |
Specify the source and destination IP or MAC addresses for more granular control. |
|
From/To Port: |
Define the port range that the rule will apply to |
|
Action |
Choose whether to ACCEPT or DROP the traffic |
- click on the Add button to save and enforce the new traffic rules.
This user configuration allows for precise control of network traffic by specifying detailed conditions. For example, you can create rules that only allow traffic from certain IP addresses or MAC addresses to specific ports.
Configuring Traffic Rules for LAN1 and LAN2
General Setting
Configure the handling of invalid packets by selecting options such as DROP to reject them or ACCEPT if you want to allow only valid packets
LAN1 and LAN2 require specific traffic rules to be added manually.
Add Traffic Rules
- Select the Interface (LAN1 or LAN2): When configuring LAN1 or LAN2, navigate to the appropriate interface tab.
- Fill in the following fields in the Add Traffic Rule section
|
Field |
Description |
|
Name |
Assign a name to your rule |
|
Protocol |
Choose the protocol (e.g., TCP, UDP) |
|
From/To IP/MAC Address |
Specify the source and destination IP or MAC addresses for more granular control. |
|
From/To Port: |
Define the port range that the rule will apply to |
|
Action |
Choose whether to ACCEPT or DROP the traffic |
After setting up these parameters, the rule will appear under the traffic rule list for LAN1 or LAN2, providing customized traffic control for those interfaces.
3. click on the Add button to save and enforce the new traffic rules.
The WP500 gateway allows you to define and manage traffic rules to control network traffic flow and enhance security. Follow these steps to add and configure traffic rules effectively:
Created with the Personal Edition of HelpNDoc: Full-featured EBook editor