90030500B Configuring WAN Connections Page 121
Applying actions to source or destination
If an IP address or port is included in a filter, any match is valid for packets to and from the address or port, unless qualified with src (source only) or dst (destination only). For example:
s1= 199.86.8.33 //Match if IP source or destination address is 199.86.8.33
s1=src/199.86.8.33 //Match if IP source address is 199.86.8.33
s1=tcp/60-80/dst //Match if tcp destination port is in range of 60-80
s1=udp/199.86.8.33/0xffff0000/src //udp source address of 199.86.xxx.xxx
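The source/destination matching described above, modelled as an added Python example (not the router's own code or parser). It handles only the token forms shown in the four filters above; the function names and the sample packets are constructed for illustration.

```python
import ipaddress

PROTOCOLS = {"tcp", "udp", "icmp"}

def parse_filter(spec):
    """Parse the text after 's1=' into match criteria (simplified model)."""
    rule = {"proto": None, "side": None, "addr": None,
            "mask": 0xFFFFFFFF, "ports": None}
    for tok in spec.strip().split("/"):
        if tok in PROTOCOLS:
            rule["proto"] = tok
        elif tok in ("src", "dst"):               # direction qualifier
            rule["side"] = tok
        elif tok.lower().startswith("0x"):        # address mask, e.g. 0xffff0000
            rule["mask"] = int(tok, 16)
        elif tok.count(".") == 3:                 # dotted-quad IPv4 address
            rule["addr"] = int(ipaddress.IPv4Address(tok))
        elif tok.replace("-", "", 1).isdigit():   # port or port range
            lo, _, hi = tok.partition("-")
            rule["ports"] = (int(lo), int(hi or lo))
        else:                                     # send, rcv, syn, ... not modelled
            raise ValueError(f"unsupported token: {tok!r}")
    return rule

def matches(rule, pkt):
    """True if pkt (dict: proto, src, dst, sport, dport) satisfies the rule."""
    # Without src/dst, either side of the packet may satisfy the rule.
    sides = [rule["side"]] if rule["side"] else ["src", "dst"]
    hit = rule["proto"] in (None, pkt["proto"])
    if hit and rule["addr"] is not None:
        want = rule["addr"] & rule["mask"]
        hit = any(int(ipaddress.IPv4Address(pkt[s])) & rule["mask"] == want
                  for s in sides)
    if hit and rule["ports"] is not None:
        lo, hi = rule["ports"]
        hit = any(lo <= pkt[s[0] + "port"] <= hi for s in sides)
    return hit

# Constructed sample packets: one from the host, one reply back to it.
FROM_HOST = {"proto": "tcp", "src": "199.86.8.33", "dst": "10.0.0.5",
             "sport": 40000, "dport": 80}
TO_HOST = {"proto": "tcp", "src": "10.0.0.5", "dst": "199.86.8.33",
           "sport": 80, "dport": 40000}

if __name__ == "__main__":
    for spec in (" 199.86.8.33", "src/199.86.8.33", "tcp/60-80/dst"):
        r = parse_filter(spec)
        print(spec.strip(), matches(r, FROM_HOST), matches(r, TO_HOST))
```

The unqualified address filter matches both sample packets, while the src and dst forms each match only one of them, which is the difference to check when a rule is meant to act on one direction only.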
Applying actions to inbound or outbound packets
You can use send and rcv to distinguish between inbound and outbound packets. For example:
s1=send/3/icmp //Match outbound icmp type 3 packet
s1=!rcv/telnet //Match if not an inbound telnet packet
//where telnet defined in services table
Applying actions to specific types of packet
You can use syn and fin as qualifiers for TCP packets. syn allows the filtering of packets starting a TCP connection, and fin can be used to log the end of a TCP session. For example:
s1=send/syn/telnet //outbound, telnet startup ip packet