Advanced firewall rules for filtering

The Firewall Rules configuration screen

The advanced firewall rules allow characterizing traffic based on the Incoming Device Type, the Outgoing Device Type, or both. The “Type” field is the action that the rule takes on the traffic it matches. The type can be ACCEPT, DROP or REJECT. ACCEPT lets the matched traffic through, DROP drops the traffic, and REJECT sends an ICMP (Internet Control Message Protocol) unreachable packet to the sender and then drops the packet.

The traffic can be filtered based on the source IP (Internet Protocol) address, destination IP, source ports or destination ports. An IP subnet can also be specified in CIDR (Classless Inter-Domain Routing) notation, e.g. 192.168.1.0/24.

Multiple firewall rules can be combined by means of priority. Rules are processed in ascending order of priority, so the rule with the lower priority value is processed first. For example, to accept a particular IP address and drop all other traffic, give the ACCEPT rule the lower priority and the DROP rule the higher priority.
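The priority ordering described above can be checked offline before rules are entered. The following is an added example, not the product's own code: the names `Rule`, `evaluate`, `covers` and `shadowed` are hypothetical, the sample addresses are constructed, and it assumes that evaluation stops at the first matching rule. It shows the accept-one-address case and flags a rule set in which a broad DROP with the lower priority hides the ACCEPT.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    priority: int                 # lower value is processed first
    action: str                   # "ACCEPT", "DROP" or "REJECT"
    src: str = "0.0.0.0/0"        # source IP or CIDR subnet
    dst: str = "0.0.0.0/0"        # destination IP or CIDR subnet
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, src_ip, dst_ip, dport):
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst)
                and self.dport in (None, dport))

def evaluate(rules, src_ip, dst_ip, dport):
    """Action of the first matching rule in ascending priority, else None.
    Assumption: evaluation stops at the first match."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule.matches(src_ip, dst_ip, dport):
            return rule.action
    return None  # the page does not state a default action

def covers(earlier, later):
    """True if every packet matching `later` also matches `earlier`."""
    net = ipaddress.ip_network
    return (net(later.src).subnet_of(net(earlier.src))
            and net(later.dst).subnet_of(net(earlier.dst))
            and earlier.dport in (None, later.dport))

def shadowed(rules):
    """Rules that can never fire because an earlier rule covers all their traffic."""
    ordered = sorted(rules, key=lambda r: r.priority)
    return [later for i, later in enumerate(ordered)
            if any(covers(earlier, later) for earlier in ordered[:i])]

# Constructed sample rule sets (addresses are illustrative).
GOOD = [Rule(1, "ACCEPT", src="192.168.1.10"), Rule(2, "DROP")]
BAD = [Rule(1, "DROP"), Rule(2, "ACCEPT", src="192.168.1.10")]

if __name__ == "__main__":
    for name, rules in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, evaluate(rules, "192.168.1.10", "10.0.0.1", 443),
              [r.priority for r in shadowed(rules)])
```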