ZyXEL Communications ZyWALL 5 User Manual page 400

ZyWALL 5 Internet Security Appliance
FIELD
Port # Enter the source port of the packets that you wish to filter. The range of
this field is 0 to 65535. This field is ignored if it is 0.
Port # Comp Press [SPACE BAR] and then [ENTER] to select the comparison to
apply to the source port in the packet against the value given in Source:
Port #.
TCP Estab This field is applicable only when the IP Protocol field is 6, TCP. Press
[SPACE BAR] and then [ENTER] to select Yes, to have the rule match
packets that want to establish a TCP connection (SYN=1 and ACK=0); if
No, it is ignored.
More Press [SPACE BAR] and then [ENTER] to select Yes or No. If Yes, a
matching packet is passed to the next filter rule before an action is
taken; if No, the packet is disposed of according to the action fields.
If More is Yes, then Action Matched and Action Not Matched will be
N/A.
Log Press [SPACE BAR] and then [ENTER] to select a logging option from
the following:
None – No packets will be logged.
Action Matched - Only packets that match the rule parameters will be
logged.
Action Not Matched - Only packets that do not match the rule
parameters will be logged.
Both – All packets will be logged.
Action Matched Press [SPACE BAR] and then [ENTER] to select the action for a
matching packet.
Action Not Press [SPACE BAR] and then [ENTER] to select the action for a packet
Matched not matching the rule.
When you have Menu 21.1.1.1 - TCP/IP Filter Rule configured, press [ENTER] at the message "Press ENTER
to Confirm" to save your configuration, or press [ESC] to cancel. This data will now be displayed on Menu
21.1.1 - Filter Rules Summary.
The following figure illustrates the logic flow of an IP filter.
32-6
Table 32-3 Menu 21.1.1.1: TCP/IP Filter Rule
DESCRIPTION OPTIONS
0-65535
None
Less
Greater
Equal
Not Equal
Yes
No
Yes
No
None
Action
Matched
Action Not
Matched
Both
Check Next
Rule
Forward
Drop
Check Next
Rule
Forward
Drop
Filter Configuration