Figure 32-9 Example Filter: Menu 21.1.3.1; Figure 32-10 Example Filter Rules Summary: Menu 21.1.3 - ZyXEL Communications ZyWALL 5 User Manual

Internet security appliance

ZyWALL 5 Internet Security Appliance
                  Menu 21.1.3.1 - TCP/IP Filter Rule

    Filter #: 3,1
    Filter Type= TCP/IP Filter Rule
    Active= Yes
    IP Protocol= 6          IP Source Route= No
    Destination: IP Addr= 0.0.0.0
                 IP Mask= 0.0.0.0
                 Port #= 23
                 Port # Comp= Equal
         Source: IP Addr= 0.0.0.0
                 IP Mask= 0.0.0.0
                 Port #= 0
                 Port # Comp= None
    TCP Estab= No
    More= No                Log= None
    Action Matched= Drop
    Action Not Matched= Forward

    Press ENTER to Confirm or ESC to Cancel:
    Press Space Bar to Toggle.

Filter Type: Press [SPACE BAR] and then [ENTER] to choose this filter rule type. The first filter rule type determines all subsequent filter types within a set.
Active: Select Yes to make the rule active.
IP Protocol: 6 is the TCP protocol.
Destination Port #: The port number for the telnet service (TCP protocol) is 23. See RFC 1060 for port numbers of well-known services.
Destination Port # Comp: Select Equal here as you are looking for packets going to port 23 only.
More: There are no more rules to check.
Action Matched: Select Drop here so that the packet will be dropped if its destination is the telnet port.
Action Not Matched: Select Forward here so that the packet will be forwarded if its destination is not the telnet port.

Figure 32-9 Example Filter: Menu 21.1.3.1

When you press [ENTER] to confirm, you will see the following screen. Note that there is only one filter rule in this set.

                  Menu 21.1.3 - Filter Rules Summary

    # A Type                       Filter Rules                      M m n
    - - ---- --------------------------------------------------------------- - - -
    1 Y IP   Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=23                     N D F
    2 N
    3 N
    4 N
    5 N
    6 N

              Enter Filter Rule Number (1-6) to Configure: 1

This shows you that you have configured and activated (A = Y) a TCP/IP filter rule (Type = IP, Pr = 6) for destination telnet ports (DP = 23).

M = N means an action can be taken immediately. The action is to drop the packet (m = D) if the action is matched and to forward the packet immediately (n = F) if the action is not matched no matter whether there are more rules to be checked (there aren't in this example).

Figure 32-10 Example Filter Rules Summary: Menu 21.1.3

After you've created the filter set, you must apply it.

1. Enter 11 from the main menu to go to menu 11.
2. Go to the Edit Filter Sets field, press [SPACE BAR] to select Yes and press [ENTER].
Filter Configuration
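
The rule from Figures 32-9 and 32-10, modeled in Python over constructed packets to show what it drops and what it forwards. This is an added example, not code from the manual or from ZyXEL; the masked address compare, the meaning of Port # Comp= None and the packet fields are assumptions, and TCP Estab, IP Source Route and More are not modeled.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:                       # fields named after Menu 21.1.3.1
    ip_protocol: int
    dst_addr: str
    dst_mask: str
    dst_port: int
    dst_port_comp: str            # "Equal" or "None" (the two values shown)
    src_addr: str
    src_mask: str
    src_port: int
    src_port_comp: str
    action_matched: str
    action_not_matched: str

def addr_ok(addr, rule_addr, mask):
    # Assumption: usual masked compare, so mask 0.0.0.0 matches any address.
    a, r, m = (int(ipaddress.IPv4Address(x)) for x in (addr, rule_addr, mask))
    return (a & m) == (r & m)

def port_ok(port, rule_port, comp):
    # Assumption: "None" means the port is not compared at all.
    return comp == "None" or (comp == "Equal" and port == rule_port)

def decide(rule, pkt):
    hit = (pkt["proto"] == rule.ip_protocol
           and addr_ok(pkt["dst"], rule.dst_addr, rule.dst_mask)
           and port_ok(pkt["dport"], rule.dst_port, rule.dst_port_comp)
           and addr_ok(pkt["src"], rule.src_addr, rule.src_mask)
           and port_ok(pkt["sport"], rule.src_port, rule.src_port_comp))
    return rule.action_matched if hit else rule.action_not_matched

# Filter 3,1 exactly as entered in Figure 32-9.
TELNET_RULE = Rule(6, "0.0.0.0", "0.0.0.0", 23, "Equal",
                   "0.0.0.0", "0.0.0.0", 0, "None", "Drop", "Forward")

# Constructed sample packets (documentation addresses, not from the manual).
PACKETS = {
    "tcp to 23":   dict(proto=6, src="192.0.2.10", sport=40000, dst="198.51.100.7", dport=23),
    "tcp to 80":   dict(proto=6, src="192.0.2.10", sport=40001, dst="198.51.100.7", dport=80),
    "udp to 23":   dict(proto=17, src="192.0.2.10", sport=40002, dst="198.51.100.7", dport=23),
    "tcp from 23": dict(proto=6, src="198.51.100.7", sport=23, dst="192.0.2.10", dport=40000),
    "tcp to 2323": dict(proto=6, src="192.0.2.10", sport=40003, dst="198.51.100.7", dport=2323),
}

def verdicts():
    return {name: decide(TELNET_RULE, p) for name, p in PACKETS.items()}
```

Only the first packet is dropped: the rule keys on TCP destination port 23, so UDP traffic, packets sourced from port 23, and TCP traffic to any other port are forwarded.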
