ZyXEL Communications 5 Series User Manual
Chapter 46 Filter Configuration
ZyWALL 5/35/70 Series User’s Guide
701
The following figure illustrates the logic flow of an IP filter.
Port # Comp
Press [SPACE BAR] and then [ENTER] to select the comparison to apply to the
destination port in the packet against the value given in Destination: Port #.
Options are None, Equal, Not Equal, Less and Greater.
destination port in the packet against the value given in Destination: Port #.
Options are None, Equal, Not Equal, Less and Greater.
Source
IP Addr
Enter the source IP Address of the packet you wish to filter. This field is ignored if it
is 0.0.0.0.
is 0.0.0.0.
IP Mask
Enter the IP mask to apply to the Source: IP Addr.
Port #
Enter the source port of the packets that you wish to filter. The range of this field is 0
to 65535. This field is ignored if it is 0.
to 65535. This field is ignored if it is 0.
Port # Comp
Press [SPACE BAR] and then [ENTER] to select the comparison to apply to the
source port in the packet against the value given in Source: Port #.
Options are None, Equal, Not Equal, Less and Greater.
source port in the packet against the value given in Source: Port #.
Options are None, Equal, Not Equal, Less and Greater.
TCP Estab
This field is applicable only when the IP Protocol field is 6, TCP. Press [SPACE
BAR] and then [ENTER] to select Yes, to have the rule match packets that want to
establish a TCP connection (SYN=1 and ACK=0); if No, it is ignored.
BAR] and then [ENTER] to select Yes, to have the rule match packets that want to
establish a TCP connection (SYN=1 and ACK=0); if No, it is ignored.
More
Press [SPACE BAR] and then [ENTER] to select Yes or No. If Yes, a matching
packet is passed to the next filter rule before an action is taken; if No, the packet is
disposed of according to the action fields.
If More is Yes, then Action Matched and Action Not Matched will be N/A.
packet is passed to the next filter rule before an action is taken; if No, the packet is
disposed of according to the action fields.
If More is Yes, then Action Matched and Action Not Matched will be N/A.
Log
Press [SPACE BAR] and then [ENTER] to select a logging option from the following:
None – No packets will be logged.
Action Matched - Only packets that match the rule parameters will be logged.
Action Not Matched - Only packets that do not match the rule parameters will be
logged.
Both – All packets will be logged.
None – No packets will be logged.
Action Matched - Only packets that match the rule parameters will be logged.
Action Not Matched - Only packets that do not match the rule parameters will be
logged.
Both – All packets will be logged.
Action Matched
Press [SPACE BAR] and then [ENTER] to select the action for a matching packet.
Options are Check Next Rule, Forward and Drop.
Options are Check Next Rule, Forward and Drop.
Action Not
Matched
Matched
Press [SPACE BAR] and then [ENTER] to select the action for a packet not
matching the rule.
Options are Check Next Rule, Forward and Drop.
matching the rule.
Options are Check Next Rule, Forward and Drop.
When you have Menu 21.1.1.1 - TCP/IP Filter Rule configured, press [ENTER] at the message “Press
ENTER to Confirm” to save your configuration, or press [ESC] to cancel. This data will now be
displayed on Menu 21.1.1 - Filter Rules Summary.
ENTER to Confirm” to save your configuration, or press [ESC] to cancel. This data will now be
displayed on Menu 21.1.1 - Filter Rules Summary.
Table 248 Menu 21.1.1.1: TCP/IP Filter Rule
FIELD
DESCRIPTION