Figure 7-1 Outgoing Packet Filtering Process - ZyXEL Communications Prestige 314 PLUS User Manual

Prestige 314 PLUS Broadband Sharing Gateway with 4-Port Switch
Outgoing
Data
Packet
Match
Drop
packet
For incoming packets, your Prestige applies data filters only. Packets are processed depending upon whether
a match is found. The following sections describe how to configure filter sets
7.1.1 The Filter Structure of the Prestige
A filter set consists of one or more filter rules. Usually, you would group related rules, e.g., all the rules for
NetBIOS, into a single set and give it a descriptive name. The Prestige allows you to configure up to twelve
filter sets with six rules in each set, for a total of 72 filter rules in the system. You cannot mix device filter
rules and protocol filter rules within the same set. You can apply up to four filter sets to a particular port to
block multiple types of packets. With each filter set having up to six rules, you can have a maximum of 24
rules active for a single port.
Three sets of factory default filter rules have been configured in menu 21 to prevent NetBIOS traffic from
triggering calls and to prevent incoming telnetting and FTP connections from the WAN side. A summary of
their filter rules is shown in the figures that follow.
The following diagram illustrates the logic flow when executing a filter rule.
7-2
Call Filtering
No
Built-in
match
default
Call Filters
Match
Drop packet
if line not up
Or
but do not reset

Figure 7-1 Outgoing Packet Filtering Process

No
User-defined
match
Call Filters
(if applicable)
Match
Drop packet
if line not up
Or
Send packet Send packet
but do not reset
Idle Timer Idle Timer
Active Data
No
match
Initiate call
if line not up
Send packet
and reset
Idle Timer
Filter Configuration