Chapter 4: Advanced Configuration

Field / Description

Dest Port

Port number criteria for the destination computer(s) (i.e., the port number of the type of computer to which the packet is being sent). This field will be dimmed (unavailable for entry) unless you have selected TCP or UDP as the protocol.

See the description of Src IP Address for the selection options.

TCP Flag

Specifies whether the rule should apply only to TCP packets that contain the synchronize (SYN) flag, only to those that do not contain it (NOT-SYN), or to all TCP packets (All). This field will be dimmed (unavailable for entry) unless you selected TCP as the Protocol.

ICMP Type

Specifies whether the value in the type field in ICMP packet headers will be used as a criterion. The type value can be any decimal value from 0 to 255. You can specify that the value must equal (eq) or not equal (neq) the specified value, or you can select any to enable the rule to be invoked on all ICMP packets. This field will be dimmed (unavailable for entry) unless you specify ICMP as the Protocol.

ICMP Code

Specifies whether the value in the code field in ICMP packet headers will be used as a criterion. The code value can be any decimal value from 0 to 255. You can specify that the value must equal (eq) or not equal (neq) the specified value, or you can select any to enable the rule to be invoked on all ICMP packets. This field will be dimmed (unavailable for entry) unless you specify ICMP as the Protocol.

IP Frag Pkt

Determines how the rule applies to IP packets that contain fragments. You can choose from the following options:

Yes: The rule will be applied only to packets that contain fragments.
No: The rule will be applied only to packets that do not contain fragments.
Ignore: (Default) The rule will be applied to packets whether or not they contain fragments, assuming that they match the other criteria.

IP Option Pkt

Determines whether the rule should apply to IP packets that have options specified in their packet headers.

Yes: The rule will be applied only to packets that contain header options.
No: The rule will be applied only to packets that do not contain header options.
Ignore: (Default) The rule will be applied to packets whether or not they contain header options, assuming that they match the other criteria.

Packet Size

Specifies that the IP Filter rule will take effect only on packets whose size in bytes matches this criterion. (lt = less than, gt = greater than, lteq = less than or equal to, etc.)

TOD Rule Status

The Time of Day Rule Status determines how the Start Time/End Time settings are used.

Enable: (Default) The rule is in effect for the specified time period.
Disable: The rule is not in effect for the specified time period, but is effective at all other times.

3. When you are done selecting criteria, ensure that Enable is selected and then click [Apply].

If the security level of the rule matches the globally configured setting, a green ball will display in the Oper. Status column for that rule, indicating that the rule is now in effect. A red ball will display when the rule is disabled or if its security level is different from the globally configured level.

4. Ensure that the Security Level and Private/Public/DMZ Default Action settings on the IP Filter Configuration page are configured as needed, then click [Apply].

A page gives a receipt for the changes.

5. Select Admin > Commit & Reboot and click [Save] to save your changes to permanent storage.
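
How the header-based criteria in the table combine when a packet is evaluated, as an added Python example (not code from this manual or from the device). Assumptions: all configured criteria must match together, "contains fragments" means the MF flag is set or the fragment offset is non-zero, and Packet Size is compared with the IPv4 total length. The rule dictionary layout, function names and sample packets are hypothetical and constructed for illustration.

```python
import operator
import struct

# Comparison keywords as they appear in the field descriptions.
OPS = {"eq": operator.eq, "neq": operator.ne, "lt": operator.lt,
       "gt": operator.gt, "lteq": operator.le}

# Constructed sample packets (documentation addresses, checksums not valid).
TCP_SYN_TELNET = bytes.fromhex("450000280001000040060000c0000201c0000202"
                               "0400001700000000000000005002200000000000")
ICMP_ECHO_FRAG = bytes.fromhex("4500001c0002200040010000c0000201c0000202"
                               "0800f7ff00000000")

def parse_ipv4(pkt: bytes) -> dict:
    """Extract the header fields that the rule criteria refer to."""
    ihl = (pkt[0] & 0x0F) * 4                    # IP header length in bytes
    size, _ident, frag = struct.unpack("!HHH", pkt[2:8])
    first, l4 = (frag & 0x1FFF) == 0, pkt[ihl:]  # L4 header is only in fragment 0
    # Assumption: "contains fragments" means MF flag set or non-zero offset.
    f = {"proto": pkt[9], "size": size, "options": ihl > 20,
         "frag": bool(frag & 0x2000) or not first}
    if pkt[9] in (6, 17) and first and len(l4) >= 4:
        f["dport"] = struct.unpack("!H", l4[2:4])[0]
    if pkt[9] == 6 and first and len(l4) >= 14:
        f["syn"] = bool(l4[13] & 0x02)
    if pkt[9] == 1 and first and len(l4) >= 2:
        f["icmp_type"], f["icmp_code"] = l4[0], l4[1]
    return f

def tri(setting: str, present: bool) -> bool:    # Yes / No / Ignore fields
    return setting == "Ignore" or (setting == "Yes") == present

def matches(rule: dict, pkt: bytes) -> bool:
    """True only when every configured criterion matches the packet."""
    f = parse_ipv4(pkt)
    if rule.get("proto", f["proto"]) != f["proto"]:
        return False
    if not (tri(rule.get("frag", "Ignore"), f["frag"])
            and tri(rule.get("options", "Ignore"), f["options"])):
        return False
    flag = rule.get("tcp_flag", "All")           # SYN, NOT-SYN or All
    if flag != "All" and f.get("syn") != (flag == "SYN"):
        return False
    for key in ("size", "dport", "icmp_type", "icmp_code"):
        if key in rule:
            op, value = rule[key]
            if key not in f or not OPS[op](f[key], value):
                return False
    return True
```

A rule such as `{"proto": 6, "dport": ("eq", 23), "tcp_flag": "SYN"}` matches only the opening packet of a connection to port 23, while a port or ICMP criterion never matches a non-first fragment because that fragment carries no transport header to compare against.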

Rev:01_040220
