192

Chapter 11 - TCP/IP Filtering

 

 

 

 

 

 

 

 

 

 

 

 

 

 

ICMP TYPES:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

echo-reply (0)

dest-unrch (3)

src-quench (4)

 

 

 

 

 

 

 

 

 

redirect (5)

echo, ping (8)

time-exceed (11)

 

 

 

 

 

 

 

 

 

param-prob (12)

time (13)

time-reply (14)

 

 

 

 

 

 

 

 

 

info (15)

info-reply (16)

mask (17)

 

 

 

 

 

 

 

 

 

mask-reply (18)

 

 

 

 

 

 

 

 

 

ϖNote: RFC 1700 "Assigned Numbers" contains a listing of all currently assigned IP protocol keywords and numbers.

IP Packet Filter Rule Modifiers

These modifiers act to restrict the type of packets which will match a filter rule.

IP This option specifies that all packets from the source and destination IP address and mask will match this rule. If no particular IP protocol packet type (TCP, UDP, ICMP, GRE, AH, ESP or OSPF) is specified, IP is assumed.

The IP protocols, other than IP itself, may be specified as a decimal number or as a keyword. The supported keywords are followed by their protocol numbers for your reference.

TCP (6)

UDP (17)

ICMP (1)

GRE (47)

AH (51)

OSPF (89)

ESP (50)

 

TCP

or TCP src <expression> <port> or TCP dst <expression> <port> or TCP est

or TCP src <expression> <port> est or TCP dst <expression> <port> est

This modifier allows filtering on TCP (Transmission Control Protocol) packets. A source or destination port may be filtered by including the src or dst specifiers, followed by a logical expression and a port (as described in the subsection above).

Page 197 Page 199
Page 198
Image 198
Compatible Systems 5.4 manual Icmp Types, IP Packet Filter Rule Modifiers
Page 197 Page 199
Top Page Image Contents