Flag any of th e above elements with Inverted t o perform target action on packets n ot matching
any criteria specified in th at line. For example, if y ou select DROP as t he target action, speci fy
Inverted for a source IPadd ressand d o not specify any other criteria in the rule, any packets
arriving from any oth er source IP address than the one specified are dropped.
Numeric protocol options
If you select Num eric as the protocol when speci fying a rule, you need to specify the d esired
number.
TCP protocol options
If you select TCP as the prot ocol when specifying a rule, yo u can define the following option s.
Field/Menu op tion Definition
Sourceor Destination Port Specifya source or destination port number for filtering. Specifya range to
filterTCP packets for any por t number within the range.
TCP Flags
Specifyany of the flags: SYN ( synchronize), ACK (acknowledge), F IN
(finish),RST (re set), URG (urgent) , PSH (push) and one of the Any, Set, or
Unsetconditions to filter TC P packets for the specified flag and selected
condition.
Table 1.4: TC P Protocol Optio n Definitio ns
UDP protocol options
Select UDP opti ons by selecting UDP as th e protocol when selecting a rule. Cho ose either the
Source or Destinati on Port from the field, as de fined above.
ICMP protocol options
When you select ICMP as a p rotocol when sp ecifying a rule, you can select the ICMP opt ions
available on t he display.
Targetactions
The Target is the action t o be performed on an IPp acket that matches all the criteria spe cified
in a rule.
NOTE: Ifthe L OGand R EJECTtar gets are selected,ad ditionaloptions are available.
For detailed in formation on LOG t arget options, see LOG ta rget on page 83.
For detailed in formation on REJECT target o ptions, see REJECT target on page 84.
8Cyclades®ACS5 000 Installation /Administration/User G uide