LANCOM Reference Manual LCOS 3.50 Chapter 8: Firewall
156
Firewall
The connection list
The connection table files source address, destination address, protocol,
source port, destination port, etc. of a connection, as well as possible actions.
This table is sorted according to source address, destination address, protocol,
source port and destination port of the packet, which caused the entry in the
table.
Under WEBconfig the filter list has the following structure:
Src address Source IP address or 0.0.0.0, if the filter should apply to all packets.
Source mask Source network mask, which determinates the source network together with
the source IP address, or 0.0.0.0, if the filter should apply to packets from all
networks.
Q start Start source port of the packets to be filtered.
Q end End source port of the packets to be filtered. Makes up the port range
together with the start source port, in which the filter takes effect. If start
and end port are 0, then the filter is valid for all source ports.
Dst MAC Ethernet destination address of the packet to be filtered or 000000000000,
if the filter should apply to all packets.
Dst address Destination address or 0.0.0.0, if the filter should apply to all packets.
Dst mask Destination network mask, which determinates the destination network
together with the destination IP address, or 0.0.0.0, if the filter should apply
to packets to all networks.
Z start Start destination port of the packets to be filtered.
Z end Destination port of the packets to be filtered. Makes up the port range
together with the start destination port, in which the filter takes effect. If
start and end port are 0, so the filter is valid for all destination ports.
Action Into this column, the "main action" is unveiled as a text, which will be exe-
cuted when the first limit has been exceeded. The first limit can be also an
implicit limit, e.g. if only one limit for the restriction of the throughput was
configured. Then an implicit limit - linked with an "accept" action - is
inserted. In this case, "accept" is unveiled as main action.
You can see the complete actions under the command show filter.
Linked Indicates whether it concerns a "first Match" rule (linked = no). Only with
linked rules in the case of applying of this rule, also further rules are evalu-
ated.
Prio Priority of the rule having generated the entry.
Entry Description