ZyXEL Communications P-660 User Manual

                                               

filter sets that were configured before. Instead, when ZyNOS translates the old 
configuration into the new format, it will verify the filter rules and log the 
inconsistencies. Please check the system log (Menu 24.3.1) before putting your device 
into use.   

In order to avoid operational problems later, the P-660 will disable its 
routing/bridging functions if there is an inconsistency among its filter rules.   
    

1.  A filter for blocking the web service   
2.  A filter for blocking a specific client   
3.  A filter for blocking a specific MAC address   
4.  A filter for blocking the NetBIOS packets   

A filter for blocking the web service  

Configuration  

Before configuring a filter, you need to know the following information:   

1. The outbound packet type (protocol & port number)   
2. The source IP address   

Generally, the outbound packets for Web service could be as following:   

a. HTTP packet, TCP (06) protocol with port number 80   
b. DNS packet, TCP (06) protocol with port number 53 or   
c. DNS packet, UDP (17) protocol with port number 53   

For all workstation on the LAN, the source IP address will be 0.0.0.0. Otherwise, you 
have to enter an IP Address for the workstation you want to block. See the procedure 
for configuring this filter below.   

      1. Create a filter set in Menu 21, e.g., set 1   

      2. Create three filter rules in Menu 21.1.1, Menu 21.1.2, Menu 21.1.3   

•  Rule 1- block the HTTP packet, TCP (06) protocol with port number 80   
•  Rule 2- block the DNS packet, TCP (06) protocol with port number 53   
•  Rule 3- block the DNS packet, UDP (17) protocol with port number 53   

      3. Apply the filter set in menu 4   

                                     

55 

All contents copyright © 2005 ZyXEL Communications Corporation.