Introduction
Administrators can do the following to specify packet filtering:
• Add a new chain and specify rules for that chain
• Add new rules to existing chains
• Edit a built-in chain or delete the built-in chain rules
Add Rule and Edit Rule Options
When you add or edit a rule, you can define any of the options described in the
following table.
Table 1-6: Filter Options for Packet Filtering Rules
Filter Option: Source IP and Mask, Destination IP and Mask
Description: If you specify a source IP, incoming packets are filtered for
the specified IP address. If you specify a destination IP,
outgoing packets are filtered for the specified IP address.
If you fill in a source or destination mask, incoming or
outgoing packets are filtered for IP addresses from the
subnetwork in the specified netmask.

Filter Option: Protocol
Description: You can select a protocol for filtering from one of the
following options:
• ALL
• Numeric Protocol Options
• TCP Protocol Options
• UDP Protocol Options
• ICMP Protocol Options

Filter Option: Input Interface
Description: The input interface (ethN) used by the incoming packet.

Filter Option: Output Interface
Description: The output interface (ethN) used by the outgoing packet.

Filter Option: Fragments
Description: The types of packets to be filtered:
• All packets
• 2nd, 3rd... fragmented packets
• Non-fragmented and 1st fragmented packets
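
The following is an added example, not taken from this manual or from the product. It shows how the options in Table 1-6 would translate into a Linux iptables rule, assuming the filter is backed by iptables (the page does not say so); the function name build_rule, its parameter names and the sample addresses are hypothetical.

```python
import ipaddress

# Table 1-6 "Fragments" choices -> iptables fragment match (assumed mapping)
FRAGMENT_ARGS = {
    "all": [],             # All packets
    "later": ["-f"],       # 2nd, 3rd... fragmented packets
    "first": ["!", "-f"],  # Non-fragmented and 1st fragmented packets
}

def _network(ip, mask):
    """Turn an IP plus optional mask into network/prefix form.

    Host bits are cleared; an invalid address or a non-contiguous
    netmask raises ValueError instead of producing a rule.
    """
    text = f"{ip}/{mask}" if mask else ip
    return str(ipaddress.IPv4Network(text, strict=False))

def build_rule(chain, target, src_ip=None, src_mask=None, dst_ip=None,
               dst_mask=None, protocol="all", in_if=None, out_if=None,
               fragments="all"):
    """Return the iptables argument list for one packet filtering rule."""
    # iptables rejects -i in the built-in OUTPUT chain and -o in INPUT
    if in_if and chain == "OUTPUT":
        raise ValueError("input interface cannot be matched in OUTPUT")
    if out_if and chain == "INPUT":
        raise ValueError("output interface cannot be matched in INPUT")
    args = ["iptables", "-A", chain]
    if src_ip:
        args += ["-s", _network(src_ip, src_mask)]
    if dst_ip:
        args += ["-d", _network(dst_ip, dst_mask)]
    if protocol.lower() != "all":
        args += ["-p", protocol.lower()]  # name (tcp, udp, icmp) or number
    if in_if:
        args += ["-i", in_if]
    if out_if:
        args += ["-o", out_if]
    args += FRAGMENT_ARGS[fragments]
    args += ["-j", target]
    return args  # argument list, so no shell quoting is involved

if __name__ == "__main__":
    # Constructed sample: drop TCP from a /24 arriving on eth0
    print(" ".join(build_rule("INPUT", "DROP", src_ip="192.168.1.77",
                              src_mask="255.255.255.0", protocol="TCP",
                              in_if="eth0", fragments="first")))
```

The function only builds the argument list; it does not change the running filter.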