Filter Examples; Ip Packet Filter Rule Examples - 3Com 3C421600A Management Manual
Superstack ii remote access system
Hide thumbs
Also See for 3C421600A:
- Reference manual (269 pages) ,
- Quick setup manual (74 pages) ,
- Release note (10 pages)
Table of Contents
Advertisement
234
C
14: H
HAPTER
ANDLING
Filter Examples
IP Packet Filter Rule
Examples
P
F
ACKET
ILTERS
This section provides specific filter examples.
This section briefly describes IP packet filtering options and provides rule
examples for each IP packet filtering capability. It includes the following
topics:
Source and Destination Address Filtering
Masks
TCP and UDP Parameter Filtering
IP/IPX-RIP Packet Filtering
IPX-SAP Filtering
ICMP Packet Filtering
IP/IPX-Call Filtering
Login-Access Filtering
Source and Destination Address Filtering
Source and destination address filtering is generally used to limit
permitted access to trusted hosts and networks only, to explicitly deny
access to hosts and networks that are not trusted, or to limit external
access to a given host (for example, a Web server or a firewall).
Only the part of the IP address specified by the mask field is used in the
comparison. If a match is found, the packet is forwarded (rules containing
accept) or discarded (rules containing reject).
The following rule example rejects forwarding of IP packets with a source
address of 192.77.100.32:
#filter
IP:
010 REJECT src-addr = 192.77.100.32;
The following rule example prevents forwarding of IP packets with
destination addresses that match the first 24 bits of the given IP address
(that is, addresses beginning with 188.039.150):
#filter
IP:
010 REJECT dst-addr = 188.039.150.000/24;
Advertisement
Table of Contents
Troubleshooting
