networkRulesSourceAddress
MX-NFW-MIB ·
.0.2250.1.600.1.300
Object
column
r/w
OctetString
Source Address
Source address of the incoming packet using the following
format: address[/mask] or network interface name/.
Address can be either a network IP address (using /mask) or one
of the host IP addresses.
When specifying a network interface name, it is mandatory to
use the suffix '/'. Doing so indicates that the network address
of this interface is used instead of the host address. Also, it
must match one of the values in the
networkInterfacesStatusTable.InterfaceName parameter from the
Basic Network Interface (BNI) service. Note that if the
specified network interface is disabled or removed, the rule is
automatically disabled thus removed from the firewall. When the
network interface is enabled or added back, the rule is
automatically enabled and applied in the firewall.
Mask must be a plain number specifying the number of binary 1s
at the left side of the network mask. E.g.: a mask of 24
specifies a network mask of 255.255.255.0.
Leaving the default empty string matches any address.
Context
- MIB
- MX-NFW-MIB
- OID
.0.2250.1.600.1.300- Type
- column
- Access
- readwrite
- Status
- current
- Parent
- networkRulesEntry
- Table
- networkRulesTable
- Siblings
- 15
Syntax
OctetString
Values & Constraints
Object Constraints
range: 0-51
Related Objects
Sibling Objects
| Object | Type | Syntax | OID |
|---|---|---|---|
| networkRulesPriority Rule Priority
Unique identifier of the row in the table. | column | SNMPv2-SMIUnsigned32 | .0.2250.1.600.1.100 |
| networkRulesDown Down
Moves the current row downwards. | column | Enumeration | .0.2250.1.600.1.1000 |
| networkRulesInsert Insert
Inserts a new row before this row. | column | Enumeration | .0.2250.1.600.1.1100 |
| networkRulesDelete Delete
Deletes this row. | column | Enumeration | .0.2250.1.600.1.1200 |
| networkRulesActivation Activation
Activates this rule.
* Enable: This rule is active in the firewall.
* Disable: This rule is not in the firewall. | column | MX-TCMxEnableState | .0.2250.1.600.1.200 |
| networkRulesSourcePort Source Port
Source port of the incoming packet using the following format:
port[-port].
MinPort-MaxPort specifies a port range.
The de… | column | OctetString | .0.2250.1.600.1.400 |
| networkRulesDestinationAddress Destination Address
Destination address of the incoming packet using the following
format: address[/mask] or network interface name/.
The address can… | column | OctetString | .0.2250.1.600.1.500 |
| networkRulesDestinationPort Destination Port
Destination port of the incoming packet using the following
format: port[-port].
MinPort-MaxPort specifies a port range.
… | column | OctetString | .0.2250.1.600.1.600 |
| networkRulesProtocol Protocol
Protocol of the incoming packet.
The protocol can be one of the following:
* All: Match packets using any protocols.
* Tc… | column | Enumeration | .0.2250.1.600.1.700 |
| networkRulesBlacklistEnable Blacklist Enable
Indicates if blacklisting is enabled for this rule.
* Enable: When a packet establishing a connection matches
this rule, the a… | column | MX-TCMxEnableState | .0.2250.1.600.1.720 |
| networkRulesRateLimitValue Rate Limit Value
Number of packets allowed to match this rule from a single
source IP address within a certain time period. | column | Unsigned32 | .0.2250.1.600.1.730 |
| networkRulesRateLimitTimePeriod Rate Limit Time Period
The time period on which to base the rate limit. This period is
expressed in seconds.
Ex.: a RateLimitValue of 10 and a RateLi… | column | Unsigned32 | .0.2250.1.600.1.740 |
| networkRulesConnectionState Connection State
Connection state associated with the incoming packet.
The connection state can be one of the following:
* All: Matc… | column | Enumeration | .0.2250.1.600.1.750 |
| networkRulesAction Action
Action taken when this rule matches a packet.
Action can be one of the following:
* Accept: Let the packet through.
* Rejec… | column | Enumeration | .0.2250.1.600.1.800 |
| networkRulesUp Up
Moves the current row upwards. | column | Enumeration | .0.2250.1.600.1.900 |