Custom Security Features using IP Filters
By using IP filters you can create your own custom security solutions. For example, you can limit local access to the Eicon 1530 for specific computers, accept incoming traffic only from certain remote users or networks, or drop incoming or outgoing nuisance traffic.
• | How Filtering Works | 53 |
• Defining a New Filter | 54 | |
• ‘Edit Filters’ Page Options | 56 | |
• Example: Dropping incoming traffic from a specific network | 59 | |
• | Example: Allowing incoming traffic only from a specific network | 60 |
How Filtering Works
Each profile you define for a particular connection has its own set of filters (called the ‘filter stack’). All data packets, incoming and outgoing, pass through the filter stack of the profile being used for a particular connection. A filter stack can have up to 8 filters, allowing for sophisticated results.
Data cascades through the filter stack as shown in the following diagram. If a packet matches one of the filters in the stack, the filter action is performed.
Input to filter stack
Are any filters
active?
Yes
No Bypass filter stack
Send all data into filter stack
Filter #1
Filter #2
Apply filter | Data that matches |
|
|
|
| Forward | |
| Action | ||||||
conditions |
|
|
| ||||
|
|
|
|
|
| ||
| Data that does |
|
| Drop |
| ||
| not match |
|
|
|
|
| |
|
| Discard |
|
| |||
|
|
|
|
|
| ||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Apply filter | Data that matches |
| Action | Forward | |||
conditions |
|
|
| ||||
|
|
|
|
|
| ||
| Data that does |
|
| Drop |
| ||
| not match |
|
|
|
|
| |
|
| Discard |
|
| |||
|
|
|
|
|
| ||
|
|
|
|
|
|
|
|
Filter #8
Apply filter Data that matches conditions
Data that does not match
Action | Forward |
| |
|
|
Drop
Discard
Discard
Output from filter stack
Note: All incoming and outgoing data passes through the filter stack. Once any filter is activated, data transfer will be affected.
Security | 53 |
