![]() |
Packet filtering on the OnBoard appliance is controlled by chains and rules that are configured in iptables. (For more details about the predefined chains and rules, see Chains and Rules.)Both the Web Manager and the cycli utility provide a way for the OnBoard appliance administrator to add rules and to edit or delete any added rules:
• Because the OnBoard appliance filters packets like a firewall, the Web Manager menu option under Network is titled Firewall.
• The cycli utility provides the iptables command to do the same tasks, because when rules are added, edited or deleted, the corresponding iptables are updated.By default, the OnBoard appliance does not forward any traffic between private and public networks. The administrator might want to add rules to allow some limited communications between specific devices on the private network and the public network.CAUTION:It is possible for an OnBoard appliance administrator to create rules that circumvent the access controls on a device.