Manuals / Paradyne / Computer Equipment / Network Card

Paradyne JetFusion Integrated Access Device manual Luhzdoo&Rqiljxudwlrq

Models: JetFusion Integrated Access Device

1 297
Download 297 pages 52.68 Kb
Page 173
Image 173

￿￿￿￿)LUHZDOO￿&RQILJXUDWLRQ

Creating a Firewall via IP Filtering

Firewall configuration (also known as IP filtering) allows you to specify a combination of parameters the IAD uses to selectively eliminate IP traffic.

Filtering executes on the WAN port that you select. There are two different sets of filters and each filter maintains its own statistics:

￿Input— Input packets are filtered after network address translation.

￿Output—Output packets are filtered before network address translation.

The maximum number of filters is 128. Packets pass through the appropriate set of filters in the order in which the filters display in the list shown on the user interface (Configure IP Router > Configure IP Filtering

>Display all filters of the chosen type). Each packet moves down the list of filters until it reaches the end or the attributes of an active filter match the packet.

When a match occurs, the packet is then processed according to the action field (Pass or Discard) of the first filter that matched the packet:

￿Pass—packet passed to the next level.

￿Discard—packet discarded. When output packets are dropped, RTCS_OK is returned from IP_route.

When you create a new filter, all fields are set to an inactive state. An inactive filter passes all IP packets—you must modify at least one field to narrow the range of packets to pass or change the action to discard all packets.

To create a set of filters to pass only certain types of packets, you need to create a default filter that discards all packets and then insert narrower filters before the default filter. For example, you need to add a filter to cover each range of packets.

To select only the packet ranges to discard no default filter needed, because the default action is to pass all packets. You only add filters that set the range to discard and set the actions of those filters to discard.

The order of the filters matters if you are mixing filters with different actions or if you want the overlapping filters to display accurate statistics.

NOTE For complete information on IP filtering, see Configuring IP Filtering, on page 109.

2000-A2-GB20-10

- 154 -

February 2004

Page 172 Page 174
Page 173
Image 173
Paradyne JetFusion Integrated Access Device manual Luhzdoo&Rqiljxudwlrq, Creating a Firewall via IP Filtering
Page 172 Page 174