Services - Firewall
Why are the Filter Numbers so important in the Network Policy or the Firewall
rules of the Firewall?
The firewall executes the rules in ascending order, meaning that rule 100
is executed before rule 200. The sequence of the rules is important because
each IP request is checked against the rules until one matches. As soon as
there is a matching rule, it is executed, and all subsequent rules are skipped.
For instance, suppose the following rules are defined:
Order  Source  Destination  Policy  Log Level
100    net     loc          DROP    info
200    loc     all          ACCEPT  info
300    fw      net          ACCEPT  info
400    fw      loc          ACCEPT  info
500    all     all          REJECT  info
Each IP request is matched against the rules in turn. For instance, an
IP request from the internet (net) to the firewall (fw) is rejected
by rule 500.
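The first-match evaluation described above, as an added example (not the product's own code), run over the rule table from this page together with a check for rules that can never take effect because a lower-numbered rule always matches first. It assumes that `all` matches every zone including `fw`, which is consistent with the net-to-fw case above; the `renumber` helper and the order number 50 are constructed for illustration.

```python
# Rule table from the page: (order, source, destination, policy).
RULES = [
    (100, "net", "loc", "DROP"),
    (200, "loc", "all", "ACCEPT"),
    (300, "fw", "net", "ACCEPT"),
    (400, "fw", "loc", "ACCEPT"),
    (500, "all", "all", "REJECT"),
]
ZONES = ("net", "loc", "fw")


def covers(rule_zone, zone):
    """Assumption: 'all' is a wildcard that matches every zone."""
    return rule_zone == "all" or rule_zone == zone


def evaluate(rules, src, dst):
    """Return (order, policy) of the first matching rule in ascending order."""
    for order, r_src, r_dst, policy in sorted(rules):
        if covers(r_src, src) and covers(r_dst, dst):
            return order, policy  # first match wins, later rules are skipped
    return None  # nothing matched; what happens then depends on the product


def unreachable_rules(rules):
    """Order numbers of rules that never win for any source/destination pair."""
    winners = set()
    for src in ZONES:
        for dst in ZONES:
            hit = evaluate(rules, src, dst)
            if hit:
                winners.add(hit[0])
    return sorted(order for order, *_ in rules if order not in winners)


def renumber(rules, old, new):
    """Copy of the rule set with one rule moved to a new order number."""
    return [(new if o == old else o, s, d, p) for o, s, d, p in rules]


if __name__ == "__main__":
    print("net -> fw :", evaluate(RULES, "net", "fw"))
    print("loc -> net:", evaluate(RULES, "loc", "net"))
    # Constructed mistake: the catch-all REJECT is given the lowest number.
    broken = renumber(RULES, 500, 50)
    print("loc -> net after renumbering:", evaluate(broken, "loc", "net"))
    print("rules that can no longer match:", unreachable_rules(broken))
```

Running the same `unreachable_rules` check after every change to the order numbers shows whether a broad rule has been placed ahead of the specific rules it was meant to follow.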