ZyXEL p-660h-61 Guida Utente
Prestige 660H Series User’s Guide
Filter Configuration
30-13
Figure 30-13 Menu 21.1.6.1 Sample Filter Rules Summary
30.7 Applying Filters and Factory Defaults
This section shows you where to apply the filter(s) after you design it (them). Sets of factory default
filter rules have been configured in menu 21 (but have not been applied) to filter traffic.
filter rules have been configured in menu 21 (but have not been applied) to filter traffic.
Table 30-5 Filter Sets Table
FILTER SETS
DESCRIPTION
Input Filter Sets:
Apply filters for incoming traffic. You may apply protocol or device
filter rules. See earlier in this chapter for information on filters.
filter rules. See earlier in this chapter for information on filters.
Output Filter Sets: Apply filters for traffic leaving the Prestige. You may apply filter rules
for protocol or device filters. See earlier in this section for
information on types of filters.
information on types of filters.
Call Filter Sets:
Apply filters to decide if a packet should be allowed to trigger a call.
30.7.1 Ethernet Traffic
You seldom need to filter Ethernet traffic; however, the filter sets may be useful to block certain
packets, reduce traffic and prevent security breaches. Go to menu 3.1 (shown next) and type the
number(s) of the filter set(s) that you want to apply as appropriate. You can choose up to four filter
sets (from twelve) by typing their numbers separated by commas, for example, 3, 4, 6, 11. The factory
default filter set, NetBIOS_LAN, is inserted in the protocol filters field under Input Filter Sets in
menu 3.1 in order to prevent local NetBIOS messages from triggering calls to the DNS server.
packets, reduce traffic and prevent security breaches. Go to menu 3.1 (shown next) and type the
number(s) of the filter set(s) that you want to apply as appropriate. You can choose up to four filter
sets (from twelve) by typing their numbers separated by commas, for example, 3, 4, 6, 11. The factory
default filter set, NetBIOS_LAN, is inserted in the protocol filters field under Input Filter Sets in
menu 3.1 in order to prevent local NetBIOS messages from triggering calls to the DNS server.
Menu 21.1.6 - Filter Rules Summary
# A Type Filter Rules M m n
- - ---- --------------------------------------------------------------- - - -
1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=23 N D F
2 N
3 N
4 N
5 N
6 N
Enter Filter Rule Number (1-6) to Configure: 1
# A Type Filter Rules M m n
- - ---- --------------------------------------------------------------- - - -
1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=23 N D F
2 N
3 N
4 N
5 N
6 N
Enter Filter Rule Number (1-6) to Configure: 1
M = N means an action can be taken immediately.
The action is to drop the packet (m = D) if the
action is matched and to forward the packet
immediately (n = F) if the action is not matched no
matter whether there are more rules to be
checked (there aren’t in this example).
This shows you that you have
configured and activated (A = Y) a
TCP/IP filter rule (Type = IP, Pr = 6)
for destination telnet ports (DP =
23).