Table of Contents
Advertisement
Creating Filter Files
Table 27-3
Field
Description
line #
Each rule must have a unique number (1-999). You Must Arrange
Rules In Increasing Order.
verb
This field can be one of the following:
keyword
The keywords for a generic filter is always GENERIC.
operator
The operator for a generic filter rule is always: =>
origin
Can be either FRAME or DATA
offset
Number of bytes offset from the origin.
length
Number of bytes to compare and mask.
mask
Bit mask in hexadecimal format for logical and packet content.
value
The value in hexadecimal format used to compare with the masked
packet contents
For example, a generic filter rule might look like this:
010 ACCEPT generic => origin = data/offset = 22/length = 6/
mask = 0xFFFFFFFFFFFFF/value = 0x0800096f39c8;
Specifying the Filtering Action
You can specify the filtering action for each protocol section that determines
whether a packet is accepted or rejected, if no match occurs with any of the rules
defined in the section. To do this, enter one of the following values as the last rule
line of the section:
permit
deny
For example, the following entry would reject IP packets that did not match any of
the rules defined in the IP protocol section:
#filter
IP:
010 ACCEPT tcp-dst-port>=24;
020 ACCEPT src-addr = 128.100.033.001;
030 ACCEPT dst-addr = 200.135.038.009;
040 DENY;
If you do not specify a filtering action, the default filtering action is PERMIT.
You can create filter files on your PC using any text editor. Once the file is created,
you'll use the Trivial File Transfer Protocol (TFTP) to place the filter file in FLASH
memory on your OfficeConnect Gateway.
ACCEPT - allow the packet access if the condition is met
REJECT - do not allow the packet access if the condition is met
AND - logically use the AND condition with condition of the
next rule to determine if the packet is accepted or rejected.
Both defined conditions must be met.
Creating Filters
27-5
Advertisement
Table of Contents
