10-24 Administrator’s Handbook
Source IP | Dest IP | ||||||
|
|
|
|
| + | ||
1 | 192.211.211.17 | 0.0.0.0 | TCP | 0 | 23 | Yes No | |
2 | 0.0.0.0 | 0.0.0.0 | TCP | NC | =6000 | Yes No | |
3 | 0.0.0.0 | 0.0.0.0 | ICMP | Yes Yes | |||
4 | 0.0.0.0 | 0.0.0.0 | TCP | NC | >1023 | Yes Yes | |
5 | 0.0.0.0 | 0.0.0.0 | UDP | NC | >1023 | Yes Yes | |
|
|
|
|
|
| ||
|
|
|
|
|
| ||
|
|
|
|
|
| ||
|
|
|
|
|
| ||
|
|
|
|
|
| ||
|
|
|
|
|
| ||
|
|
|
|
|
| ||
|
|
|
|
|
| ||
|
|
|
|
|
| ||
|
|
|
|
|
| ||
|
|
|
|
|
| ||
|
|
|
|
| + | ||
The table’s columns correspond to each filter’s attributes:
#: The filter’s priority in the set. Filter number 1, with the highest priority, is first in the table.
Source IP Addr: The packet source IP address to match.
Dest IP Addr: The packet destination IP address to match.
Proto: The protocol to match. This can be entered as a number (see the table below) or as TCP or UDP if those protocols are used.
Protocol | Number to use | Full name |
|
|
|
|
|
|
N/A | 0 | Ignores protocol type |
|
|
|
ICMP | 1 | Internet Control Message Protocol |
|
|
|
TCP | 6 | Transmission Control Protocol |
|
|
|
UDP | 17 | User Datagram Protocol |
|
|
|
Src. Port: The source port to match. This is the port on the sending host that originated the packet.
D. Port: The destination port to match. This is the port on the receiving host for which the packet is intended.
On?: Displays Yes when the filter is in effect or No when it is not.
Fwd: Shows whether the filter forwards (Yes) a packet or discards (No) it when there’s a match.
Filtering example #1
Returning to our filtering rule example from above (see page
