Справочник Пользователя для Interepoch Technology Inc. IWE3200

 

 

60

 

Fig. 99. Packet filters settings. 

 
You can specify rules for the firewall component of the Router to check outgoing packets. Packets 
that meet the rules can be permitted or denied. The protocol field, source IP address field, destination 
IP address field, and destination port field of a packet’s IP header are inspected to see if it meets a 
rule. A packet that meets a rule can be dropped (Block) or accepted (Accept) as specified in the Action 
setting of the rule. Packets that do not meet any rules can be dropped (Discard) or accepted (Pass) as 
specified in the Policy setting. 

 
A rule is composed of 5 parts: 

„ 

What to do if a packet meets this rule (Action) 

„ 

Protocol type 

‹ 

All 

‹ 

ICMP 

‹ 

TCP 

‹ 

UDP 

„ 

Source IP address range (Source IP Address AND Source Subnet Mask) 

„ 

Destination IP address range (Destination IP Address AND Destination Subnet Mask) 

„ 

Port ranges 

A source (destination) IP address range is determined by performing an AND operation on the source 
(destination) IP address field and the source (destination) subnet mask field. For example, if the 
source IP address field is 192.168.0.1 and the source subnet mask field is 255.255.255.0, the resultant 
source IP address range is 192.168.0.0 to 192.168.0.255.  

Up to 5 port ranges can be specified in a rule, and these ranges must be separated by commas. For 
example, “21,80,85-89,140,200-230” in the destination port field signifies 5 port ranges. 

1. 

Specify the protocol type, source IP address, source IP mask, destination IP address, desti-
nation IP mask, and destination port for the rule. Then specify in the Action setting how to 
deal with a packet that meets the rule. 

2. 

Select the corresponding Enabled check box.