Filter Types And Nat; Example Filter; Figure 34-10 Protocol And Device Filter Sets - ZyXEL Communications Prestige 652H series User Manual
Adsl security/wireless lan router
Hide thumbs
Also See for Prestige 652H series:
- User manual (523 pages) ,
- Compact manual (36 pages) ,
- Brochure (2 pages)
Table of Contents
Advertisement
Prestige 652H/HW Series User's Guide
34.5 Filter Types and NAT
There are two classes of filter rules, Generic Filter Device rules and Protocol Filter (TCP/IP) rules. Generic
Filter rules act on the raw data from/to LAN and WAN. Protocol Filter rules act on IP packets.
When NAT (Network Address Translation) is enabled, the inside IP address and port number are replaced
on a connection-by-connection basis, which makes it impossible to know the exact address and port on the
wire. Therefore, the Prestige applies the protocol filters to the "native" IP address and port number before
NAT for outgoing packets and after NAT for incoming packets. On the other hand, the generic (or device)
filters are applied to the raw packets that appear on the wire. They are applied at the point where the Prestige
is receiving and sending the packets; for instance, the interface. The interface can be an Ethernet, or any other
hardware port. The following figure illustrates this.
Figure 34-10 Protocol and Device Filter Sets
34.6 Example Filter
Let's look at an example to block outside users from telnetting into the Prestige.
34-14
Filter Configuration
Advertisement
Table of Contents
Troubleshooting
