Echo EN55022 manual IP Filter WAN or Ethernet, Edit, List Parameter Description, Line, SRC Addr

4.7.2 IP FILTER (WAN or Ethernet)

Both the Ethernet and WAN ports on the router can have an individual IP filter table. If IP filtering is active then any packets received are checked against the filter table before processing by the Router.

Each port IP filter table can have 64 entries. When the first entries are made they will not become active until the table screen is exited. Any future input will become active immediately.

The filter table is sequentially searched for each IP packet received until a match is found. A filter table with multiple entries will impose significant processor loading and a corresponding drop in throughput.

The filter table is split into three parts. The first part is source and destination IP address. The second part is protocol selection, and the third port or socket selection for TCP and UDP packets. Each section supports the use 'wild card' entries to allow any value to be matched e.g. to pass only TCP packets the user 'wild cards' the both source and destination IP address, and the port numbers.

Each line in the filter table can be configured as a pass or fail. The normal operation would be to put a number of entries in the filter table that would pass if a match occurs. By default the last entry in the filter table must be a failure, however it is possible to use the filter table in a reverse fashion and define each line so that a match results in failure. The last entry would have wild card entries for all three sections and results in a pass.