Table of Contents
Advertisement
Logging filtered packets
IP Filter Example
Filter requirement
3. If no filter entry is found where all the filter criteria match those of the
packet, the default filter action is used to either pass or discard the packet.
Filter
IP Packet
1
Pass/
discard
The router allows filtered packets to be logged. This facility can be configured
for both packets filtered by filter entries and packets filtered by the default filter
action. This is a useful tool for troubleshooting the filters to ensure that they are
operating as expected, and for detecting hits on the filters in case of an attack
from an unauthorized source.
Logging reduces the performance of the router slightly and should
Note
therefore only be enabled when required—when troubleshooting or
when an attack is suspected.
For packets which are logged, the packet details are recorded in the System Log
for the router which cabn be displayed for Intel Device View for Windows. The
details logged are the source and destination address and port and the IP protocol.
Host 1 on LAN 1 must have TELNET access to remote Host 2 on LAN 2 (but
Host 2 must not be able to establish a TELNET session onto Host 1).
LAN 1
Host 1
LAN
WAN 1
WAN 2
Router 1
Filter
Filter
2
3
Pass/
Pass
Pass/
discard
discard
discard
Leased line
Intel Express Router 9200
®
System
WAN 1
WAN 2
Router 2
IP Routing
IP Concept
Filter
Default
N
Action
Pass/
Pass/
discard
discard
1231
LAN 2
Host 2
Intel Express Router 9200
Telnet Server
®
LAN
WAN 1
WAN 2
System
1474
55
Advertisement
Table of Contents
