Table of Contents
Advertisement
Applying actions to source or destination
If an IP address or port is included in a filter, any match is valid for packets to and
from the address or port, unless qualified with src (source only) or dst (destination
only). For example:
s1= 199.86.8.33
s1=src/199.86.8.33//Match if IP source address is 199.86.8.33
s1=tcp/60-80/dst
s1=udp/199.86.8.33/0xffff0000/src //udp source address of
Applying actions to inbound or outbound packets
You can use send and rcv to distinguish between inbound and outbound packets. For
example:
s1=send/3/icmp
s1=!rcv/telnet
Applying actions to specific types of packet
You can use syn and fin as qualifiers for TCP packets. syn allows the filtering of
packets starting a TCP connection, and fin can be used to log the end of a TCP
session. For example:
s1=send/syn/telnet//outbound, telnet startup ip packet
90030500B
//Match if IP source or destination address
is 199.86.8.33
//Match if tcp destination port is in range
of 60-80
//Match outbound icmp type 3 packet
//Match if not an inbound telnet packet
//where telnet defined in services table
Configuring WAN Connections
199.86.xxx.xxx
Page 121
- Quick Links:
- Basic Operation
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
