Chapter 32 Filter Configuration; Introduction To Filters; Figure 32-1 Outgoing Packet Filtering Process - ZyXEL Communications ZyWALL 5 User Manual

Internet security appliance
32.1 Introduction to Filters

Your ZyWALL uses filters to decide whether to allow passage of a data packet and/or to make a call.
There are two types of filter applications: data filtering and call filtering. Filters are subdivided into
device and protocol filters, which are discussed later.
Data filtering screens the data to determine if the packet should be allowed to pass. Data filters are
divided into incoming and outgoing filters, depending on the direction of the packet relative to a port.
Data filtering can be applied on either the WAN side or the LAN side. Call filtering is used to
determine if a packet should be allowed to trigger a call. Remote node call filtering is only applicable
when using PPPoE encapsulation. Outgoing packets must undergo data filtering before they encounter
call filtering as shown in the following figure.
[Figure 32-1, data filtering stage. Labels: Outgoing Packet; Data Filtering; Match: Drop packet.]
For incoming packets, your ZyWALL applies data filters only. Packets are processed depending upon
whether a match is found. The following sections describe how to configure filter sets.

32.1.1 The Filter Structure of the ZyWALL

A filter set consists of one or more filter rules. Usually, you would group related rules, e.g., all the
rules for NetBIOS, into a single set and give it a descriptive name. The ZyWALL allows you to
configure up to twelve filter sets with six rules in each set, for a total of 72 filter rules in the system.
You cannot mix device filter rules and protocol filter rules within the same set. You can apply up to
four filter sets to a particular port to block multiple types of packets. With each filter set having up to
six rules, you can have a maximum of 24 rules active for a single port.
Sets of factory default filter rules have been configured in menu 21 to prevent NetBIOS traffic from
triggering calls and to prevent incoming telnet sessions. A summary of their filter rules is shown in the
figures that follow.
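
The outgoing path described above (data filtering first, then call filtering, then active data) can be modeled as follows. This is an added example, not ZyXEL code: the `Link` class, the function names and the two sample rules are hypothetical, and a rule match is simplified to mean "block".

```python
from dataclasses import dataclass

MAX_RULES_PER_SET = 6  # manual: six rules in each filter set
MAX_SETS_PER_PORT = 4  # manual: up to four filter sets applied to a port

@dataclass
class Link:
    up: bool = False       # is the call (line) currently up?
    calls: int = 0         # calls initiated by outgoing traffic
    idle_resets: int = 0   # times the idle timer was reset

def any_match(filter_sets, pkt):
    """True if any rule in any applied set matches (simplified: match = block)."""
    if len(filter_sets) > MAX_SETS_PER_PORT:
        raise ValueError("more than four filter sets applied")
    for rules in filter_sets:
        if len(rules) > MAX_RULES_PER_SET:
            raise ValueError("more than six rules in a set")
        if any(rule(pkt) for rule in rules):
            return True
    return False

def send_outgoing(pkt, link, data_sets, builtin_call_sets, user_call_sets):
    # Stage 1: data filtering always runs first; a match drops the packet.
    if any_match(data_sets, pkt):
        return "dropped by data filter"
    # Stage 2: call filtering, built-in defaults before user-defined sets.
    if any_match(builtin_call_sets, pkt) or any_match(user_call_sets, pkt):
        if not link.up:
            return "dropped: may not trigger a call"
        return "sent, idle timer not reset"
    # Stage 3: active data brings the line up and keeps it alive.
    if not link.up:
        link.up = True
        link.calls += 1
    link.idle_resets += 1
    return "sent, idle timer reset"

# Constructed sample rules (not the device's factory rule definitions).
def is_netbios_ns(pkt):
    return pkt["proto"] == "udp" and pkt["dport"] == 137

def is_smtp(pkt):
    return pkt["proto"] == "tcp" and pkt["dport"] == 25

if __name__ == "__main__":
    link = Link()
    for p in ({"proto": "udp", "dport": 137}, {"proto": "tcp", "dport": 443}):
        print(p, "->", send_outgoing(p, link, [[is_smtp]], [[is_netbios_ns]], []))
```

A packet that matches a call filter never brings the line up by itself and never extends an existing call, which is why NetBIOS chatter cannot hold a PPPoE session open.
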
Filter Configuration
This chapter shows you how to create and apply filters.
[Figure 32-1, call filtering stage. Labels: Call Filtering; Built-in default Call Filters; User-defined Call Filters (if applicable); No match; Match: Drop packet if line not up, or send packet but do not reset Idle Timer; Active Data: Initiate call if line not up, send packet and reset Idle Timer.]

Figure 32-1 Outgoing Packet Filtering Process
