ZyWALL 10~100 Series Internet Security Gateway
Refer to the next section for information on configuring the filter rules.
11.2.1 Configuring a Filter Rule
To configure a filter rule, type its number in Menu 21.1.1 - Filter Rules Summary and press [ENTER] to
open menu 21.1.1.1 for the rule.
To speed up filtering, all rules in a filter set must be of the same class, i.e., protocol filters or generic filters.
The class of a filter set is determined by the first rule that you create. When applying the filter sets to a port,
separate menu fields are provided for protocol and device filter sets. If you include a protocol filter set in a
device filter field or vice versa, the ZyWALL will warn you and will not allow you to save.
11.2.2 Configuring a TCP/IP Filter Rule
This section shows you how to configure a TCP/IP filter rule. TCP/IP rules allow you to base the rule on
the fields in the IP and the upper layer protocol, for example, UDP and TCP headers.
11-6
Table 11-2 Rule Abbreviations Used
ABBREVIATION
IP
Pr
SA
SP
DA
DP
GEN
Off
Len
DESCRIPTION
Protocol
Source Address
Source Port number
Destination Address
Destination Port number
Offset
Length
Filter Configuration