Справочник Пользователя для Netopia D7171 SDSL
Security 8-75
E
E
E
Exxxxaa
a
am
m
m
mp
p
p
pllllee
e
e IIIIP
P
P
P ffffiiiillllttttee
e
errrrssss
E
E
E
Exxxxaa
a
am
m
m
mp
p
p
pllllee
e
e 1111
Write a filter rule that blocks the class C subnet represented by 200.1.1.0/25 from accessing the net.
Incoming packet has the source address of 200.1.1.28
To determine if the packet will match on the filter, per form a Boolean AND on the source IP address and the
filter’s source IP mask:
filter’s source IP mask:
This incoming IP packet has a source IP address that matches the network address in the Source IP Address
field (whose last byte is binar y 00000000) in the Netopia D-Series. This will not for ward this packet.
field (whose last byte is binar y 00000000) in the Netopia D-Series. This will not for ward this packet.
E
E
E
Exxxxaa
a
am
m
m
mp
p
p
pllllee
e
e 2
2
2
2
Incoming packet has the source address of 200.1.1.184.
Filter Rule:
200.1.1.0
(Source IP Network Address)
255.255.255.128
(Source IP Mask)
For ward = No
(What happens on match)
IP Address
Binar y Representation of
the last byte of the IP
address
the last byte of the IP
address
200.1.1.28
00011100
(Source address in incoming IP packet)
AND
255.255.255.128
10000000
(Per form the logical AND)
00000000
(Logical AND result)
Filter Rule:
200.1.1.0
(Source IP Network Address)
255.255.255.128
(Source IP Mask)
For ward = No
(What happens on match)
IP Address
Binar y Representation
200.1.1.184
10111000
(Source address in incoming IP packet)
AND