Add a Static Defense Rule
Static defense rules are used to control and filter traffic sent to Yeastar P-Series PBX System. This topic describes how to add a static defense rule.
Procedure
- Log in to PBX web portal, go to Add. , click
- In the Basic section, configure basic settings for
the rule.
- Name: Enter a name to help you identify the rule.
- Description: Optional. Add a note to the rule.
- Action: Select an action for the rule.
- Accept: Accept connections from a specific address.
- Drop: Restrict a specific address from accessing a specific service or port of the PBX, and do NOT send any error notifications back to the sender.
- Reject: Restrict a specific address from accessing a specific service or port of the PBX, and send error notifications back to the sender.
- In the Defense Object section, configure relevant
settings of defense objects.
- Object Type: Choose the type of the source
traffic.
- IP Address: If you choose the option, enter an IP address or an IP section in the Source IP Address / Subnet Mask field.
- Domain: If you choose the option, enter a domain in the Domain Name field.
- MAC Address: If you choose the option, enter a MAC address in the MAC Address field.
- Service/Port Range: Set whether the rule is
applied to a specific service or a port range.Note: The setting is available ONLY when you set Action to Drop or Reject.
- Service: Select a service from the
drop-down list. The defense rule will be applied to the
service and the service port.Note: The port follows the setting in Service Ports ( ).
- Port Range: Set a port range.
- Service: Select a service from the
drop-down list. The defense rule will be applied to the
service and the service port.
- Protocol: Choose a protocol to which the rule
is applied.
- UDP
- TCP
- BOTH: Both UDP and TCP.
- Object Type: Choose the type of the source
traffic.
- Click Save.
Result
- For address that is allowed to access the PBX, the system will always accept connections from the address.
- For address that is restricted from accessing a specific service or port of the PBX, the system will block it when the address tries to access the service or the port.