...
Each 'match' command may contain the 'not' key. When using the key, packets that do not meet the given requirement will fall under the rule.
You can obtain more detail information about firewall configuration in 'CLI command reference guide'.
| Scroll Pagebreak |
|---|
Firewall configuration example
...
| Блок кода |
|---|
esr(config)# security ips policy OFFICE esr(config-ips-policy)# description "My Policy" esr(config-ips-policy)# protect network-group LAN |
| Scroll Pagebreak |
|---|
...
| Блок кода |
|---|
esr(config-ips-category-rule)# source-port any |
...
As the TCP destination port for the protocol http is usually used port 80, but Internet sites can also work on non-standard ports, so we specify any:
...