Port forwarding Forwarding Firewall Zone Zones Custom redirect Custom Rules Here you can create custom firewall rules to control your network traffic. The firewall creates zones over your network interfaces to control network traffic flow. Input Zone Output Zone Source address Destination address Source MAC-Address Source port Destination port Action accept reject drop Port forwarding allows to provide network services in the internal network to an external network. External Zone External port port or range as first-last Internal address IP-Address Internal port (optional) port or range as first-last Here you can specify which network traffic is allowed to flow between network zones. Only new connections will be matched. Packets belonging to already open connections are automatically allowed to pass the firewall. Input Output Defaults These are the default settings that are used if no other rules match. SYN-flood protection Incoming Traffic Outgoing Traffic Forwarded Traffic Zones part the network interfaces into certain isolated areas to separate network traffic. One or more networks can belong to a zone. The MASQ-flag enables NAT masquerading for all outgoing traffic on this zone. Incoming Traffic Default Policy Outgoing Traffic Default Policy Forwarded Traffic Default Policy MASQ Networks contained networks