Zones
The Zones view lets you can configure firewall zones to group your firewall rules.
At the top of the page is a list of selectable zones.
By default this list contains the LAN and WAN zones, which contain default settings for local and Internet traffic.
When a particular interface is selected, details about it is shown in the configuration section.
Zone configuration
| Item | Description |
|---|---|
| Name | Identifier for the zone. |
| Default policy | Default behavior for various traffic. |
| Masquerading | Enable firewall masquerading. |
| MSS Clamping | MSS Clamping limit. |
| Allow forward to destination zones | Check zones to permit forwarding. |
| Allow forward from source zones | Check zones to permit forwarding. |
| Zone members | Interfaces that are part of the zone. |
Default Policy
The default policy setting defines firewall rules that apply unless specific rules override them.
| Item | Description |
|---|---|
| Input | Incoming traffic from WAN. |
| Output | Outgoing traffic to WAN. |
| Forward | Traffic from LAN to WAN. |
The different default policy values determine the firewall behavior, through the firewall actions:
Firewall Action
The firewall action defines how traffic is handled by the firewall.
| Item | Description |
|---|---|
| ACCEPT | Allow the traffic. |
| REJECT | Refuse the traffic. |
| DROP | Ignore the traffic. |
| FORWARD | Pass the traffic along. |
Add Firewall Zone
To add a firewall zone:
- Click the Add button
- Enter information in the fields
- Click Apply
Once the zone has been created, you can use it with your connections.
Add Zone Members
If you have networks/devices set up, you can add them to the zone.
To add a device as a zone member:
- Click the Add button
The Select network device dialog opens.
- Open the select network menu
- Select the device
- Click OK
- Click Apply