Prestige 324 Intelligent Broadband Sharing Gateway
Filter Configuration
13-3
[Flowchart. Box labels: Start; Packet into Filter; Fetch First Filter Set; Fetch First Filter Rule; Execute Filter Rule; Next Filter Rule Available? (Yes/No); Fetch Next Filter Rule; Next Filter Set Available? (Yes/No); Fetch Next Filter Set; Accept Packet; Drop Packet. Rule outcomes: Check Next Rule, Drop, Forward.]
Figure 13-2 Filter Rule Process
You can apply up to four filter sets to a particular port to block multiple types of packets. With each filter
set having up to six rules, you can have a maximum of 24 rules active for a single port.
13.2 Configuring a Filter Set
To configure a filter set, follow the procedure below. Select option 21 from the main menu to display menu 21.

Enter “21” from the main menu.

        Menu 21 - Filter and Firewall Setup

        1. Filter Setup
        2. Firewall Setup

Figure 13-3 Menu 21 - Filter and Firewall Setup

Enter “1” to display the following menu.

                 Menu 21.1 - Filter Set Configuration

    Filter                          Filter
    Set #    Comments               Set #    Comments
    ------   ------------------     ------   ------------------
      1      ______________           7      ______________
      2      ______________           8      ______________
      3      ______________           9      ______________
      4      ______________          10      ______________
      5      ______________          11      ______________
      6      ______________          12      ______________

             Enter Filter Set Number to Configure= 0
             Edit Comments=
             Press ENTER to CONFIRM or ESC to CANCEL:

Figure 13-4 Menu 21.1 - Filter Set Configuration

Select the filter set you wish to configure (no. 1-12) and press [ENTER].
Enter a descriptive name or comment in the Edit Comments field and press [ENTER].
Press [ENTER] at the message: [Press ENTER to confirm] to open Menu 21.1.1 - Filter Rules Summary.

                 Menu 21.1.1 - Filter Rules Summary

    # A Type                      Filter Rules                         M m n
    - - ---- ------------------------------------------------------------
    1 N
    2 N
    3 N
    4 N
    5 N
    6 N

             Enter Filter Rule Number (1-6) to Configure:

Figure 13-5 Menu 21.1.1 – Filter Rules Summary
13.2.1 Filter Rules Summary Menu
This screen shows the summary of the existing rules in the filter set. The following tables contain a brief
description of the abbreviations used in the previous menus.
Table 13-1 Abbreviations Used in the Filter Rules Summary Menu
FIELD          DESCRIPTION
#              The filter rule number: 1 to 6.
A              Active: “Y” means the rule is active. “N” means the rule is inactive.
Type           The type of filter rule: “GEN” for Generic, “IP” for TCP/IP.
Filter Rules   These parameters are displayed here.
M              More.
               “Y” means there are more rules to check which form a rule chain with the present rule.
               An action cannot be taken until the rule chain is complete.
               “N” means there are no more rules to check. You can specify an action to be taken,
               i.e., forward the packet, drop the packet or check the next rule. For the latter, the next
               rule is independent of the rule just checked.
m              Action Matched.
               “F” means to forward the packet immediately and skip checking the remaining rules.
               “D” means to drop the packet.
               “N” means to check the next rule.
n              Action Not Matched.
               “F” means to forward the packet immediately and skip checking the remaining rules.
               “D” means to drop the packet.
               “N” means to check the next rule.
The protocol-dependent filter rule abbreviations are listed as follows:
Table 13-2 Rule Abbreviations Used
ABBREVIATION   DESCRIPTION
IP
  Pr           Protocol
  SA           Source Address
  SP           Source Port number
  DA           Destination Address
  DP           Destination Port number
GEN
  Off          Offset
  Len          Length
Refer to the next section for information on configuring the filter rules.
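
The rule walk of Figure 13-2 and the M/m/n fields of Table 13-1, as an added Python example (not ZyXEL code and not part of the manual). It assumes that rules joined by More=Y must all match for the chain to count as matched, that 0 in Pr or DP means "any", and that a packet no rule decides is accepted; the Rule class, evaluate() and the sample rules and packets are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass
class Rule:
    """One TCP/IP rule, named after the summary abbreviations (A, Pr, DA, DP, M, m, n)."""
    pr: int = 0               # IP protocol; 0 = any (assumption)
    da: str = "0.0.0.0/0"     # destination address/mask
    dp: int = 0               # destination port; 0 = any (assumption)
    active: bool = True       # A
    more: bool = False        # M
    m: str = "N"              # Action Matched: F, D or N
    n: str = "N"              # Action Not Matched: F, D or N

    def matches(self, pkt):
        return (self.pr in (0, pkt["pr"]) and self.dp in (0, pkt["dp"])
                and ip_address(pkt["da"]) in ip_network(self.da))

def evaluate(filter_sets, pkt):
    """Walk the filter sets applied to one port; return 'forward' or 'drop'."""
    if len(filter_sets) > 4 or any(len(s) > 6 for s in filter_sets):
        raise ValueError("at most four filter sets of six rules per port")
    for rules in filter_sets:
        chain_ok = True                       # AND over the current rule chain (assumption)
        for rule in (r for r in rules if r.active):
            chain_ok = chain_ok and rule.matches(pkt)
            if rule.more:
                continue                      # chain incomplete: no action yet
            action, chain_ok = (rule.m if chain_ok else rule.n), True
            if action == "F":
                return "forward"              # skips every remaining rule
            if action == "D":
                return "drop"
    return "forward"   # assumption: no rule decided, so the packet is accepted

# Constructed sample data (not from the manual).
BLOCK_TELNET = [Rule(pr=6, dp=23, m="D", n="N")]
BLOCK_LAN_DNS = [Rule(pr=17, more=True),                  # chained with the next rule
                 Rule(da="192.168.1.0/24", dp=53, m="D", n="N")]
MISCONFIGURED = [Rule(pr=6, dp=80, m="F", n="F")]         # n="F" forwards everything else
TELNET = {"pr": 6, "da": "203.0.113.5", "dp": 23}
LAN_DNS = {"pr": 17, "da": "192.168.1.10", "dp": 53}
TCP_53 = {"pr": 6, "da": "192.168.1.10", "dp": 53}

if __name__ == "__main__":
    for pkt in (TELNET, LAN_DNS, TCP_53):
        print(pkt, evaluate([BLOCK_TELNET, BLOCK_LAN_DNS], pkt))
    print("misordered:", evaluate([MISCONFIGURED, BLOCK_TELNET], TELNET))
```

The last call shows why rule order matters: a rule whose Action Not Matched is "F" placed ahead of a drop rule forwards the packet before the drop rule is ever checked.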
13.2.2 Configuring a Filter Rule
To configure a filter rule, type its number in Menu 21.1 - Filter Rules Summary and press [ENTER] to
open menu 21.1.1 for the rule.
To speed up filtering, all rules in a filter set must be of the same class, i.e., protocol filters or generic filters.
The class of a filter set is determined by the first rule that you create. When applying the filter sets to a port,
separate menu fields are provided for protocol and device filter sets. If you include a protocol filter set in a
device filter field or vice versa, the Prestige will warn you and will not allow you to save.
13.2.3 TCP/IP Filter Rule
This section shows you how to configure a TCP/IP filter rule. TCP/IP rules allow you to base the rule on
the fields in the IP and the upper layer protocol, e.g., UDP and TCP headers.
To configure TCP/IP rules, select TCP/IP Filter Rule in the Filter Type field and press [ENTER] to open Menu 21.1.1 - TCP/IP Filter Rule, as shown next.

                 Menu 21.1.1 - TCP/IP Filter Rule

        Filter #: 1,1
        Filter Type= TCP/IP Filter Rule
        Active= Yes
        IP Protocol= 0
        IP Source Route= No
        Destination: IP Addr=
                     IP Mask=
                     Port #=
                     Port # Comp= None
             Source: IP Addr=
                     IP Mask=
                     Port #=
                     Port # Comp= None
        TCP Estab= N/A
        More= No
        Log= None
        Action Matched= Check Next Rule
        Action Not Matched= Check Next Rule

        Press ENTER to Confirm or ESC to Cancel:
    Press Space Bar to Toggle.

Figure 13-6 Menu 21.1.1 — TCP/IP Filter Rule
The following table describes how to configure your TCP/IP filter rule.
Table 13-3 TCP/IP Filter Rule Menu Fields
FIELD          DESCRIPTION                                         EXAMPLE
Active         Yes activates and No deactivates the filter rule.   Yes
