ZyXEL Communications 2 Plus User Manual

 Chapter 38 Filter Configuration
ZyWALL 2 Plus User’s Guide
38.2.3  Configuring a Generic Filter Rule
 This section shows you how to configure a generic filter rule. The purpose of generic rules is 
to allow you to filter non-IP packets. For IP, it is generally easier to use the IP rules directly.
For generic rules, the ZyWALL treats a packet as a byte stream as opposed to an IP or IPX 
packet. You specify the portion of the packet to check with the Offset (from 0) and the Length 
fields, both in bytes. The ZyWALL applies the Mask (bit-wise ANDing) to the data portion 
before comparing the result against the Value to determine a match. The Mask and Value are 
specified in hexadecimal numbers. Note that it takes two hexadecimal digits to represent a 
byte, so if the length is 4, the value in either field will take 8 digits, for example, FFFFFFFF.
To configure a generic rule, select Generic Filter Rule in the Filter Type field in menu 
21.1.1.1 and press [ENTER] to open Generic Filter Rule, as shown below.
Figure 374   Menu 21.1.1.1: Generic Filter Rule

    Menu 21.1.1.1 - Generic Filter Rule

    Filter #: 1,1
    Filter Type= Generic Filter Rule
    Active= No
    Offset= 0
    Length= 0
    Mask= N/A
    Value= N/A
    More= No           Log= None
    Action Matched= Check Next Rule
    Action Not Matched= Check Next Rule

    Press ENTER to Confirm or ESC to Cancel:

The following table describes the fields in the Generic Filter Rule menu.
Table 205   Generic Filter Rule Menu Fields

FIELD         DESCRIPTION
Filter #      This is the filter set, filter rule co-ordinates, i.e., 2,3 refers to the second filter set and the third rule of that set.
Filter Type   Use [SPACE BAR] and then [ENTER] to select a rule type. Parameters displayed below each type will be different. TCP/IP filter rules are used to filter IP packets while generic filter rules allow filtering of non-IP packets. Options are Generic Filter Rule and TCP/IP Filter Rule.
Active        Select Yes to turn on the filter rule or No to turn it off.
Offset        Enter the starting byte of the data portion in the packet that you wish to compare. The range for this field is from 0 to 255.
Length        Enter the byte count of the data portion in the packet that you wish to compare. The range for this field is 0 to 8.
Mask          Enter the mask (in Hexadecimal notation) to apply to the data portion before comparison.
Value         Enter the value (in Hexadecimal notation) to compare with the data portion.
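
The Offset/Length/Mask/Value comparison described in this section, modelled in Python as an added example; it is not ZyXEL code. Assumptions: offset 0 is the first byte of an Ethernet II frame, a packet too short to cover the compared bytes does not match, and the class name, rule names and sample frames are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class GenericRule:
    offset: int  # starting byte, counted from 0 (manual range 0-255)
    length: int  # number of bytes to compare (manual range 0-8)
    mask: str    # hexadecimal, two digits per byte
    value: str   # hexadecimal, two digits per byte

    def __post_init__(self):
        if not 0 <= self.offset <= 255:
            raise ValueError("Offset must be 0-255")
        # The manual allows Length 0; this example needs at least one byte.
        if not 1 <= self.length <= 8:
            raise ValueError("Length must be 1-8 to compare anything")
        for name in ("mask", "value"):
            digits = getattr(self, name)
            if len(digits) != 2 * self.length:
                raise ValueError(f"{name} needs {2 * self.length} hex digits")
            bytes.fromhex(digits)  # raises ValueError on non-hex input
        # Extra check in this example: Value bits the Mask clears can never match.
        if int(self.value, 16) & ~int(self.mask, 16):
            raise ValueError("Value has bits set outside the Mask")

    def matches(self, packet: bytes) -> bool:
        window = packet[self.offset:self.offset + self.length]
        if len(window) < self.length:
            return False  # assumption: too-short packets do not match
        masked = int.from_bytes(window, "big") & int(self.mask, 16)
        return masked == int(self.value, 16)

# Constructed sample frames (assumption: offset 0 is the first byte of an
# Ethernet II frame, i.e. the destination MAC; EtherType sits at offset 12).
IPX_FRAME = bytes.fromhex("ffffffffffff" "001122334455" "8137" "ffff0022")
ARP_FRAME = bytes.fromhex("00aabbccddee" "001122334455" "0806" "00010800")

# Offset 12, Length 2: EtherType 0x8137 (IPX), a non-IP protocol.
IPX_RULE = GenericRule(offset=12, length=2, mask="FFFF", value="8137")
# Offset 0, Length 1, Mask 01: only the group (broadcast/multicast) bit
# of the destination address is compared; the other seven bits are ignored.
GROUP_RULE = GenericRule(offset=0, length=1, mask="01", value="01")

if __name__ == "__main__":
    for name, frame in (("IPX", IPX_FRAME), ("ARP", ARP_FRAME)):
        print(name, IPX_RULE.matches(frame), GROUP_RULE.matches(frame))
```

A Value with bits set where the Mask is 0 is rejected here because the masked data can never equal it; the manual does not say whether the ZyWALL itself performs that check.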