The Filter Structure Of The Zywall; Figure 15-1 Outgoing Packet Filtering Process - ZyXEL Communications ZyXEL ZyWALL 50 User Manual

Internet security gateway

ZyWALL 50 Internet Security Gateway
For incoming packets, your ZyWALL applies data filters only. Packets are processed depending upon
whether a match is found. The following sections describe how to configure filter sets.

15.1.1 The Filter Structure of the ZyWALL

A filter set consists of one or more filter rules. Usually, you would group related rules, e.g., all the rules for
NetBIOS, into a single set and give it a descriptive name. The ZyWALL allows you to configure up to
twelve filter sets with six rules in each set, for a total of 72 filter rules in the system. You cannot mix device
filter rules and protocol filter rules within the same set. You can apply up to four filter sets to a particular
port to block multiple types of packets. With each filter set having up to six rules, you can have a
maximum of 24 rules active for a single port.

Sets of factory default filter rules have been configured in menu 21 to prevent NetBIOS traffic from
triggering calls and to prevent incoming telnetting. A summary of their filter rules is shown in the figures
that follow.

The following figure illustrates the logic flow when executing a filter rule. See also Figure 15-9 for the
logic flow when executing an IP filter.

Figure 15-1 Outgoing Packet Filtering Process
[Flowchart. An outgoing packet is checked against data filters, then goes through Call Filtering: Built-in default Call Filters, then User-defined Call Filters (if applicable). Data filter match: drop packet. Call filter match: drop packet if line not up, or send packet but do not reset Idle Timer. No match (active data): initiate call if line not up, send packet and reset Idle Timer.]
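
The outgoing flow of Figure 15-1, modelled as an added Python example (not ZyXEL code or device configuration). It assumes each rule is a plain predicate whose match means "filter this packet" and does not model per-rule actions; `Link`, `outgoing`, the two rules and the packet sequence are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Link:
    up: bool = False             # is the WAN line currently connected?
    calls_initiated: int = 0
    idle_timer_resets: int = 0

def outgoing(pkt, link, data_filters, builtin_call_filters, user_call_filters=()):
    """Return 'drop' or 'send' for one outgoing packet and update link state."""
    # Data filtering comes first: a match drops the packet whatever the line state.
    if any(rule(pkt) for rule in data_filters):
        return "drop"
    # Call filtering: built-in defaults, then user-defined sets (if applicable).
    for rule in (*builtin_call_filters, *user_call_filters):
        if rule(pkt):
            # A match never initiates a call or resets the idle timer,
            # but the packet is still sent when the line is already up.
            return "send" if link.up else "drop"
    # No match: initiate the call if needed, send, reset the idle timer.
    if not link.up:
        link.up = True
        link.calls_initiated += 1
    link.idle_timer_resets += 1
    return "send"

# Constructed rules (assumptions): each is a predicate over a packet dict.
def is_netbios(pkt):             # call filter: NetBIOS must not trigger calls
    return pkt["dport"] in (137, 138, 139)

def is_telnet(pkt):              # hypothetical data filter: block outgoing telnet
    return pkt["proto"] == "tcp" and pkt["dport"] == 23

def demo():
    """Run a constructed packet sequence; return the verdicts and final link."""
    link = Link()
    packets = [
        {"proto": "udp", "dport": 137},  # NetBIOS, line down
        {"proto": "tcp", "dport": 23},   # telnet, line down
        {"proto": "tcp", "dport": 80},   # web traffic brings the line up
        {"proto": "udp", "dport": 137},  # NetBIOS again, line now up
        {"proto": "tcp", "dport": 23},   # telnet, line up
    ]
    verdicts = [outgoing(p, link, [is_telnet], [is_netbios]) for p in packets]
    return verdicts, link

if __name__ == "__main__":
    print(demo())
```

In this model the fourth packet is sent: a call filter keeps NetBIOS from raising the line or resetting the idle timer, but only a data filter keeps it from leaving once the line is up.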