Routers are simple conditional rules (that is, if-then expressions) that determine how the received object has to be inspected. They consist of a condition and a corresponding action: if the parameter of the traffic (or file) matches the set condition, then the action is performed. The condition consists of a variable and a pattern: the condition is true if the variable of the inspected object is equal to the specified pattern. The action can be a default action (for example, ACCEPT, REJECT, and so on) or a scanpath. Routers cannot be used on their own, they must belong to a rule group. A rule group is a list of routers, defining a set of conditions that are evaluated one-by-one for a given scenario. Rule groups also have a default action or scanpath that is performed if none of the set conditions match the received object. Rule groups are also important because a Zorp proxy can send data only to a rule group, and not to a specific router (see Section 14.2.4, Configuring Zorp proxies to use ZCV for details).
| Warning |
|---|
Only the action or scanpath, corresponding to the first matching condition is performed, therefore the order of the routers in a rule group is very important. |
Routers and rule groups can be managed (created, deleted and edited) from the section of the tab of the ZMC component. The defined rule groups and their corresponding routers (conditions and actions) are displayed as a sortable tree.
| Tip |
|---|
Rule groups and routers can be disabled from the local menu if they are temporarily not needed. |
To create and configure a set of routers, complete the following procedure:
Published on May 30, 2024
© BalaSys IT Ltd.
Send your comments to support@balasys.hu
