Selecting the Packet Filter and Blacklists option from the Main Menu opens the Firewall Configuration screen.

Access Control Lists

The LoadMaster supports a "blocked list" and "allowed list" Access Control List system. Any host or network entered into the blocked list is blocked from accessing any service provided by the LoadMaster, whereas any host or network entered into the allowed list is allowed to access any service provided by the LoadMaster. The allowed list is used to 'punch holes' in the blocked list.

The LoadMaster also has a packet filter. When enabled, the packet filter blocks all IP packets that are not directed at a configured port.

The Access Control list is only enabled when the packet filter is enabled. By default the Access Control List is disabled. This means that all source IP addresses are accepted by the LoadMaster.

The following options are available when you select the Access Control Lists option:

  • Enable Access Control Lists: Use this toggle option to activate or deactivate the Packet Filter/Access Control List.
  • Show blocked addresses: Lists the content of the current blocked list.
  • Add address to blocked list: Add a host or network IP address to the blocked list. IPv4 and IPv6 addresses are allowed. A network is specified by using a network specifier, for example, specifying 192.168.200.0/24 blocks all hosts on the 192.168.200 network.
  • Delete address from blocked list: Delete an IP address or network from the blocked list.
  • Show allowed addresses: Lists the content of the current allowed list
  • Add address to allowed list: Add a host or network IP address to the allowed list.
  • Delete address from allowed list: Delete an IP address or network from the allowed list.
  • Reject/Drop blocked packets: When a connection request is received from a host, which is blocked using the ACL, the request is normally ignored (dropped). The LoadMaster may however be configured to send back an ICMP reject packet. For security reasons, it is usually best to drop any blocked requests.