Example Filter; Before You Begin; Filter Configuration Steps; Figure 7-10 Filter Example - ZyXEL Communications ZyXEL Prestige 310 User Manual

Prestige 310 Broadband Sharing Gateway
Once you have completed filling in Menu 21.4.1.1 - Generic Filter Rule, press [Enter] at the message
[Press Enter to Confirm] to save your configuration, or press [Esc] to cancel. This data will now be
displayed on Menu 21.1.1 - Filter Rules Summary.
7.3

Example Filter

Let's design a filter to block outside users from telnetting and using FTP connections into the Prestige. Please
see our Supporting CD for more example filters.

7.3.1 Before you begin

Before configuring a filter, you must know the following information:
1. The inbound packet type (protocol & port number): In this case, it is TCP (06) protocol with
port 21 (FTP) and port 23 (Telnet).
2. The source IP address: In this case, as all connections from outside are blocked, the source IP is
0.0.0.0.
3. The destination IP address: It is the Prestige's IP address if SUA is disabled and you have a static
IP; otherwise enter 0.0.0.0 as the destination IP. Once 0.0.0.0 is set as the destination IP, Telnet and
FTP connections are not allowed to reach the Prestige. For the LAN-to-LAN connection, you enter
the Prestige's LAN IP as the destination IP in the filter rule. After the Telnet_WAN filter is applied
to the remote node, it blocks the Telnet and FTP connections to the Prestige, but continues to permit
FTP connection to the local FTP server.

7.3.2 Filter Configuration Steps

Step 1. Enter 21 from the Main Menu to open Menu 21.1 - Filter Set Configuration.
Step 2. Enter the index of the filter set you wish to configure (e.g., 3) and press [Enter]
7-14
Figure 7-10 Filter Example
Drop
.
Filters