AlterPath ACS Installation, Administration, and User’s Guide 19
You can flag any of the above elements with inverted so that the target action
is performed on packets that do not match any of the criteria specified in that
line. For example, if you select DROP as the target action, specify “Inverted”
for a source IP address, and do not specify any other criteria in the rule, any
packets arriving from any other source IP address than the one specified are
dropped.
Numeric Protocol Options
If you select Numeric as the protocol when specifying a rule, you need to
specify the desired number.
TCP Protocol Options
If you select TCP as the protocol when specifying a rule, you can define the
following options.
Table 1-7: TCP Protocol Packet Filtering Options
Field/Menu Option Definition
Source Port
- OR -
Destination Port
You can specify a source or destination port number for filtering in
the “Source Port” or “Destination Port” field. You can also specify
a range so that TCP packets are filtered for any port number within
the range.
TCP Flags
Specifying any of the flags: “SYN” (synchronize), “ACK”
(acknowledge), “FIN” (finish), “RST” (reset), “URG” (urgent),
“PSH” (push), and one of the “Any,” “Set,” or “Unset” conditions,
filters TCP packets for the specified flag and the selected
condition.
To Next Page
Loading...
