The Filter Structure Of The Zywall - ZyXEL Communications ZyWALL 2 Plus User Manual

Chapter 38 Filter Configuration

38.1.1 The Filter Structure of the ZyWALL

A filter set consists of one or more filter rules. Usually, you would group related rules, e.g., all
the rules for NetBIOS, into a single set and give it a descriptive name. The ZyWALL allows
you to configure up to twelve filter sets with six rules in each set, for a total of 72 filter rules in
the system. You cannot mix device filter rules and protocol filter rules within the same set.
You can apply up to four filter sets to a particular port to block multiple types of packets. With
each filter set having up to six rules, you can have a maximum of 24 rules active for a single
port.
Sets of factory default filter rules have been configured in menu 21 to prevent NetBIOS traffic
from triggering calls and to prevent incoming Telnet sessions. A summary of their filter rules
is shown in the figures that follow.
The following figure illustrates the logic flow when executing a filter rule. See also
on page 548
542
for the logic flow when executing an IP filter.
Figure 373
ZyWALL 2 Plus User's Guide