Manual Chapter : Monitoring Active Firewall Policies
Applies To:Show Versions
BIG-IQ Centralized Management
View active firewall policies
You use the Active Policy screen to view summary information about the firewall policies and rules that are currently active on BIG-IP® devices.
- Click .
- Review the firewall policies, including on what BIG-IP devices they are active.
To review the rules and rule lists in a policy, click the policy name.
The screen displays rules and rule lists in the policy.
- To edit a rule or rule list, click the name of the rule or rule list.
Active firewall policy rule properties
This table describes the rule properties shown for a firewall policy that is active on a BIG-IP device.
|#||Specifies the evaluation order of the rule within the policy. Rules are evaluated from the lowest number to the highest. If a rule is contained within a rule list, it will be numbered after the decimal point. For example, a policy with 3 rules, followed by a rule list containing 2 rules, followed by another rule outside of the rule list, would be numbered as: 1, 2, 3, 4, 4.1, 4.2, 5. In the example, 4 represents the rule list, and 4.1 and 4.2 are the evaluation order of the rules within that rule list.|
|Rule Name||Specifies the name of the rule. This contains a reference to the rule list when the row contains a rule list. You can click the rule name for more information.|
|Rule List Name||Specifies the name of the rule list that contains one or more rules. This is blank when the row contains a rule.|
|Action||Specifies the action taken when the rule is matched, such as whether it is accepted or rejected.|
|Protocol||Specifies the IP protocol used by the rule to compare against the packet.|
|Log||Specifies whether the firewall software should write a log entry for any packets that match this rule.|
|State||Specifies the activity state of the rule, such as whether it is enabled or disabled.|