ZyWALL 10/50 Internet Security Gateway
TableFIELD | DESCRIPTION | OPTIONS |
|
|
|
Filter # | This is the filter set, filter rule |
|
| filter set and the third rule of that set. |
|
|
|
|
Filter Type | Use [SPACE BAR] to select a rule type. Parameters displayed below | Generic Filter |
| each type will be different. TCP/IP filter rules are used to filter IP | Rule |
| packets while generic filter rules allow filtering of | TCP/IP Filter |
|
| Rule |
Active | Select Yes to turn on the filter rule or No to turn it off. | Yes |
|
|
|
Offset | Enter the starting byte of the data portion in the packet that you wish to | 0 |
| compare. The range for this field is from 0 to 255. | (Default) |
|
|
|
Length | Enter the byte count of the data portion in the packet that you wish to | 0 |
| compare. The range for this field is 0 to 8. | (Default) |
|
|
|
Mask | Enter the mask (in Hexadecimal notation) to apply to the data portion |
|
| before comparison. |
|
|
|
|
Value | Enter the value (in Hexadecimal notation) to compare with the data |
|
| portion. |
|
More | If Yes, a matching packet is passed to the next filter rule before an | Yes |
| action is taken; else the packet is disposed of according to the action | No |
| fields. |
|
| If More is Yes, then Action Matched and Action Not Matched will be |
|
| No. |
|
Log | Select the logging option from the following: |
|
| None - No packets will be logged. | None |
| Action Matched - Only packets that match the rule parameters will be | Action Matched |
| logged. | Action Not |
|
| |
| Action Not Matched - Only packets that do not match the rule | Matched |
| parameters will be logged. | Both |
| Both – All packets will be logged. | |
|
| |
|
|
|
Action | Select the action for a packet matching the rule. | Check Next Rule |
Matched |
| Forward |
|
| Drop |
Action Not | Select the action for a packet not matching the rule. | Check Next Rule |
Matched |
| Forward Drop |
|
|
|
Filter Configuration |