Configuration guide for advanced firewall rules

Note: You need to enable the experimental option to see the advanced firewall rules section under the FIREWALL tab.

The advanced firewall rules allow characterizing traffic based on the Incoming Device Type and/or the Outgoing Device Type. 
  1. The Type field is the action that the rule takes on the traffic that it matches. The type can be ACCEPT, DROP or REJECT. ACCEPT accepts the matched traffic, DROP drops the traffic, and REJECT sends an ICMP unreachable packet to the sender and then drops the packet.
  2. The traffic can be filtered based on the source IP, destination IP, source ports or destination ports. An IP subnet can also be specified e.g.
  3. Multiple firewall rules can be combined to achieve a desired outcome by means of priority. Rules are processed in ascending order of priority value, so the rule with the lower value is processed first (zero has the highest priority). So to accept a particular IP address and drop all other traffic, give the ACCEPT rule the higher priority (lower value) and the DROP rule the lower priority (higher value).
  4. Example: To accept TCP traffic destined to port 8081 only from a single source IP and drop everything else, use an ACCEPT rule with a priority of ‘0’ followed by a DROP rule with a priority of ‘1’.
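
The priority behaviour in steps 3 and 4, modelled as an added Python example (not the product's own code). It assumes the first matching rule in ascending priority decides the action; the field names, the addresses (documentation ranges) and the catch-all DROP rule are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    priority: int                # lower value is processed first; 0 is highest
    action: str                  # ACCEPT, DROP or REJECT
    protocol: str = "any"
    src: str = "0.0.0.0/0"       # single IP or subnet in CIDR form
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, pkt):
        net = lambda cidr: ipaddress.ip_network(cidr, strict=False)
        return (self.protocol in ("any", pkt["protocol"])
                and ipaddress.ip_address(pkt["src"]) in net(self.src)
                and ipaddress.ip_address(pkt["dst"]) in net(self.dst)
                and self.dport in (None, pkt["dport"]))

def evaluate(rules, pkt):
    """Action of the first matching rule in ascending priority, else None."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule.matches(pkt):
            return rule.action
    return None  # no rule matched; the device's default is not modelled

ALLOWED = "192.0.2.10"  # constructed sample address

# Step 4 as written: ACCEPT at priority 0, catch-all DROP at priority 1.
correct = [Rule(0, "ACCEPT", "tcp", src=ALLOWED, dport=8081), Rule(1, "DROP")]
# Same rules with priorities swapped: the DROP now shadows the ACCEPT.
swapped = [Rule(1, "ACCEPT", "tcp", src=ALLOWED, dport=8081), Rule(0, "DROP")]

def pkt(src, dport=8081, protocol="tcp"):
    """Build a constructed sample packet towards a fixed destination."""
    return {"protocol": protocol, "src": src, "dst": "198.51.100.5", "dport": dport}

if __name__ == "__main__":
    for name, rules in (("correct", correct), ("swapped", swapped)):
        for src in (ALLOWED, "192.0.2.99"):
            print(name, src, evaluate(rules, pkt(src)))
```

With the swapped priorities the allowed host is dropped as well, which is the usual symptom of a catch-all rule placed ahead of a specific one.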


