22-7
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 22 Managing Transparent Firewall Rules
Transparent Rules Page
Edit Transparent EtherType Dialog Box
Use the Edit Transparent EtherType dialog box to edit the EtherType in a transparent firewall rule. Enter
the hexadecimal code that identifies the traffic. For ASA/PIX/FWSM devices, you can also select the
keyword for some types of traffic. For a list of codes, see RFC 1700 at http://www.ietf.org/rfc/rfc1700.txt
and search for “Ether Type.” For a more detailed description of EtherType, see Add and Edit Transparent
Firewall Rule Dialog Boxes, page 22-5.
For more information, see Configuring Transparent Firewall Rules, page22-1.
Navigation Path
Right-click the EtherType cell in a transparent rule (on the Transparent Rules Page, page22-3) and select
Edit EtherType. You can edit the EtherType for one row at a time.
Edit Transparent Mask Dialog Box
Use the Edit Transparent Mask dialog box to edit the mask in a transparent firewall rule for an IOS
device. The mask is a 16-bit hexadecimal number that determines how the EtherType code is interpreted.
A mask of 0xFFFF indicates the EtherType is literal. Any other mask indicates the corresponding bits in
the EtherType to ignore. You must convert the hexadecimal number to binary to fully interpret the mask
(binary 1 means interpret the corresponding EtherType value literally, 0 means allow any value at that
position).
For more information, see Configuring Transparent Firewall Rules, page22-1.
Navigation Path
Right-click the Mask cell in a transparent rule (on the Transparent Rules Page, page22-3) and select
Edit Mask. You can edit the mask for one row at a time.