ZyXEL Communications 2 Plus User Manual

Chapter 38 Filter Configuration

ZyWALL 2 Plus User’s Guide

Refer to the next section for information on configuring the filter rules.

To configure a filter rule, type its number in Menu 21.1.1 - Filter Rules Summary and press 
[ENTER] to open menu 21.1.1.1 for the rule.
To speed up filtering, all rules in a filter set must be of the same class, i.e., protocol filters or 
generic filters. The class of a filter set is determined by the first rule that you create. When 
applying the filter sets to a port, separate menu fields are provided for protocol and device 
filter sets. If you include a protocol filter set in a device filter field or vice versa, the ZyWALL 
will warn you and will not allow you to save.

This section shows you how to configure a TCP/IP filter rule. TCP/IP rules allow you to base 
the rule on the fields in the IP and the upper layer protocol, for example, UDP and TCP 
headers.
To configure TCP/IP rules, select TCP/IP Filter Rule from the Filter Type field and press 
[ENTER] to open Menu 21.1.1.1 - TCP/IP Filter Rule, as shown next.

Figure 372   Menu 21.1.1.1: TCP/IP Filter Rule

Off

Offset

Len

Length

Table 203   Rule Abbreviations Used

Menu 21.1.1.1 - TCP/IP Filter Rule

             Filter #: 1,1
             Filter Type= TCP/IP Filter Rule
             Active= Yes
             IP Protocol= 0     IP Source Route= No
             Destination: IP Addr=
                          IP Mask=
                          Port #=
                          Port # Comp= None
                  Source: IP Addr=
                          IP Mask=
                          Port #=
                          Port # Comp= None
             TCP Estab= N/A
             More= No           Log= None
             Action Matched= Check Next Rule
             Action Not Matched= Check Next Rule

             Press ENTER to Confirm or ESC to Cancel: