TCP and UDP parameters
TCP and UDP packets can be filtered by source and destination socket numbers. This allows you to permit or deny specific services.
<tcp udp> src <lt gt eq> <TCP/UDP port #>
Compare the source port number in a TCP or UDP packet to a specific value.
lt or lessthan | less than
eq or equal | equal to
gt or greaterthan | greater than
A sample rule might look something like this:
permit tcp src gt 23
<tcp udp> dst <lt gt eq> <TCP/UDP port #>
Compare the destination port number in a TCP or UDP packet to a specific value. Example:
deny udp dst eq 40
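An added example (not part of the original documentation): a small Python evaluator for the two rule forms above, showing which packets a given rule matches. The `Packet` class and the `parse_rule` and `verdict` names are hypothetical, the packets are constructed, and rule ordering and the `established` keyword are not modeled.

```python
import re
from dataclasses import dataclass

# Comparison keywords from the table above (short and long spellings).
OPS = {
    "lt": lambda a, b: a < b, "lessthan": lambda a, b: a < b,
    "eq": lambda a, b: a == b, "equal": lambda a, b: a == b,
    "gt": lambda a, b: a > b, "greaterthan": lambda a, b: a > b,
}
RULE_RE = re.compile(r"(permit|deny)\s+(tcp|udp)\s+(src|dst)\s+(\w+)\s+(\d+)", re.I)


@dataclass(frozen=True)
class Packet:  # hypothetical packet model, just the fields the rules test
    proto: str
    src: int
    dst: int


def parse_rule(text):
    """Parse '<permit|deny> <tcp|udp> <src|dst> <op> <port>' into a tuple."""
    m = RULE_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised rule: {text!r}")
    action, proto, field, op, port = (g.lower() for g in m.groups())
    if op not in OPS:
        raise ValueError(f"unknown comparison keyword: {op!r}")
    if int(port) > 65535:
        raise ValueError(f"port out of range: {port}")
    return action, proto, field, op, int(port)


def verdict(rule_text, pkt):
    """Return the rule's action if the packet matches it, otherwise None."""
    action, proto, field, op, port = parse_rule(rule_text)
    if pkt.proto != proto:
        return None
    return action if OPS[op](getattr(pkt, field), port) else None


if __name__ == "__main__":
    # Constructed packets: a client on an ephemeral port talking to port 23,
    # and a UDP datagram to port 40.
    telnet = Packet("tcp", src=40000, dst=23)
    dgram = Packet("udp", src=5000, dst=40)
    print(verdict("permit tcp src gt 23", telnet))   # rule tests src only
    print(verdict("deny udp dst eq 40", dgram))
    print(verdict("deny udp dst equal 40", telnet))  # wrong protocol
```

The sample rule `permit tcp src gt 23` matches the constructed packet addressed to port 23 because it tests only the source port, which the sender chooses; restricting a specific service requires a `dst` comparison.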
established or estab
Evaluates whether the packet is for an established connection. Note that since UDP is not a
permit tcp dst eq 192 established
Established is usually employed to restrict a normally