Add a Static Defense Rule

Static defense rules are used to control and filter traffic sent to Yeastar P-Series PBX System. This topic describes how to add a static defense rule.

Procedure

In the Basic section, configure basic settings for the rule.


Setting	Description
Name	Enter a name to help you identify the rule.
Description	Optional. Add a note to the rule.
Action	Select an action for the rule. Accept: Accept connections from a specific address to a specific service or port(s) of the PBX. Drop: Restrict a specific address from accessing a specific service or port(s) of the PBX, and do NOT send any error notifications back to the sender. Reject: Restrict a specific address from accessing a specific service or port(s) of the PBX, and send error notifications back to the sender.

In the Defense Object section, configure relevant settings of defense objects.


Setting	Description
Object Type	Choose the type of the source traffic and configure the address. IP Address: If you choose this option, enter an IP address or an IP section in the subsequent field. Domain: If you choose this option, enter a domain in the subsequent field. MAC Address: If you choose this option, enter a MAC address in the subsequent field.
Service/Port Range	Set whether the rule is applied to a specific service or a port range. Service: If you choose this option, select a service in the subsequent drop-down list. Note: The port follows the setting in Service Ports (Path: System > Network). Port Range: If you choose this option, set a port range in the subsequent fields.
Protocol	Choose a protocol to which the rule is applied. UDP TCP BOTH: Both UDP and TCP

Click Save.

Result

For address that is allowed to access a specific service or port(s) of the PBX, the system will accept connections from the address.
For address that is restricted from accessing a specific service or port of the PBX, the system will block it when the address tries to access the service or port(s).