Echo EN55022 manual IP Filter WAN or Ethernet, Edit, List Parameter Description, Line, SRC Addr

Page 37

4.7.2 IP FILTER (WAN or Ethernet)

Both the Ethernet and WAN ports on the router can have an individual IP filter table. If IP filtering is active then any packets received are checked against the filter table before processing by the Router.

Each port IP filter table can have 64 entries. When the first entries are made they will not become active until the table screen is exited. Any future input will become active immediately.

The filter table is sequentially searched for each IP packet received until a match is found. A filter table with multiple entries will impose significant processor loading and a corresponding drop in throughput.

The filter table is split into three parts. The first part is source and destination IP address. The second part is protocol selection, and the third port or socket selection for TCP and UDP packets. Each section supports the use 'wild card' entries to allow any value to be matched e.g. to pass only TCP packets the user 'wild cards' the both source and destination IP address, and the port numbers.

Each line in the filter table can be configured as a pass or fail. The normal operation would be to put a number of entries in the filter table that would pass if a match occurs. By default the last entry in the filter table must be a failure, however it is possible to use the filter table in a reverse fashion and define each line so that a match results in failure. The last entry would have wild card entries for all three sections and results in a pass.

MENU SELECTION

DESCRIPTION

ADD

A new entry may be added to the end

 

of the Table or after an entry

EDIT

To edit an entry, selecting the

 

relevant line number entering

 

required amendments.

DELETE

Enter the line number to delete.

CLEAR

To delete the entire table.

NAME

Define a name for this filter table

LIST PARAMETER

DESCRIPTION

LINE

Line number of Filter Table entry to

 

be amended/deleted

SRC ADDR

The source address for IP packets to

 

be filtered. A network address,

 

individual IP address or ALL may be

 

specified.

Echo LANlink Router Option User Manual

Issue 1.0 04 December 1997 Page 37 of 59

Page 36 Page 38
Image 37
Page 36 Page 38
Contents Page 5SXLANlink Contents Issue 1.0 04 December 1997 Page 4 Glossary Linking two LANs together IntroductionTypical Applications Functional OverviewRestrictive Firewall Example Router Configuration Supervisor Terminal Requirements USE and ConfigurationLogin Default terminal VT 100/220/320/420. OK y or n?Falco Sunview WYSE50 ReturnSUN Supported Terminal TypesRouter Management Screen General Keyboard Conventions Router ManagementEntering a Parameter Megabit E1 Multiplexer Multiplexer ManagementSystem Status Clearing the Configuration back to Factory DefaultMain Link High BIT Error Rate Remote Alarm8 D/I Remote Alarm Main Link Carrier LossRouter WAN Link Status Opening the Multiplexer InstallationInternal Link LK13 Installing the Router OptionData Connections TestingFront Panel LEDs LED LabelQuick Configuration Receive IP RIP IPX ConfigurationTransmit IP RIP IP BroadcastTransmit IPX RIP Receive IPX RIPReceive IPX SAP Transmit IPX SAPUnit Status Router Menu OptionsParameter Description Options IP Routing Table Traffic AnalysisIP ARP Table Parameter DescriptionIPX Network IPX RIP TableNode HopsType IPX SAP TableSocket Show Traffic Details Network LoadingRemote Management Name Server ConfigurationTelnet OUT Security Parameter Description Options Name to IP Cache Parameter DescriptionSnmp Setup Parameter Description Unit ConfigurationEthernet Service Setup Parameter Description Options Service SetupOnes IP BroadcastZeros IP FilterWAN Service Setup Parameter Description Options Other PPP SetupMAC Filters WAN or Ethernet Filter SetupMenu Selection Description Edit IP Filter WAN or EthernetList Parameter Description LineNetwork Address 32 bits IPX SAP Filter Menu WAN or EthernetFrom SKT Node Address 48 bitsALL To SKTIPX Header Filters MAC Node ADR EventsNovell KEEP-ALIVES System Events PPP EventsFlash Programming Timeout Flash Verify Error Appendix a Warnings Installation of EquipmentThis Equipment Must be Earthed GroundedWarnung Mise en garde Cet équipement doit être relié a la terre Mise en garde Installation de léquipmentMise en garde Connexion dautres équipements Appendix B Approval Requirements Appendix C EMC Requirements Appendix D Rear Panel Layout Appendix E AUI Port 15-WAYD-TYPE Pinout TPTX+ Appendix F 10BASE-T RJ45 Port PinoutTptx TPRX+Source and Destination IP Address Appendix G IP Filter ExamplesProtocol Selection ExamplesSource and Destination Ports Issue 1.0 04 December 1997 Page 54 Appendix H IP Subnets Kermit Appendix I Router Maintenance MenuCTRL-A CTRL-BDownload New Firmware using Tftp Download New Firmware using TCP loaderRestore Configuration using Tftp Reset Password Set Default GatewayBoot File Using TCP Loader Set New IP AddressRun Monitor Boot File Using Tftp Loader
Top Page Image Contents