Manual Chapter : Create a packet filter policy

Applies To:

Show Versions Show Versions

BIG-IP AFM

  • 15.0.0
Manual Chapter

Create a packet filter policy

You can create an IPv6 Packet Filter policy that contains one or more firewall rules. Once created, the policy can be applied to either the global or route domain contexts.
  1. On the Main tab, click
    Security
    Packet Filter
    Policies
    .
  2. To the right of the page, click
    Add Policy
    .
  3. Type a
    Name
    and optional
    Description
    for the policy.
  4. To the right of the page, click
    Add Rule
    .
  5. Type a
    Name
    for the rule.
  6. From the
    State
    list, select either
    Enabled
    or
    Disabled
    .
  7. From the
    Header Type
    list, select the appropriate IPv6 header to match. Info: Only one Extension Header can be configured per rule.
  8. In the
    Values
    text box, type a single EH option ID and click Add. Repeat this step for each option ID. Info: For a range of IDs, use a dash character separator. For example, 0-5.
  9. From the
    Action
    list, select either
    Accept
    or
    Drop
    .
  10. From the
    Log
    list, select either
    Yes
    or
    No
    . Important: The Packet Filter logging option must also be enabled in the Event Log logging profile.
  11. Click
    Done Editing
    .
  12. Click
    Commit Changes to System
    .
The packet filter policy can now be applied to the route domain or global context.