beautypg.com

Siemens E-110-I User Manual

Page 67

background image

Chapter 4: Advanced Configuration

Field

Description

Dest Port

Port number criteria for the destination computer(s) (i.e., the port number of the

type of computer to which the packet is being sent).
This field will be dimmed (unavailable for entry) unless you have selected TCP or

UDP as the protocol.
See the description of Src IP Address for the selection options.

TCP Flag

Specifies whether the rule should apply only to TCP packets that contain the
synchronous (SYN) flag, only to those that contain the non-synchronous

(NOT-SYN) flag, or to all TCP packets (All). This field will be dimmed (unavailable

for entry) unless you selected TCP as the Protocol.

ICMP Type

Specifies whether the value in the type field in ICMP packet headers will be used
as a criteria. The code value can be any decimal value from 0 to 255. You can

specify that the value must equal (eq) or not equal (neq) the specified value, or

you can select any to enable the rule to be invoked on all ICMP packets. This field

will be dimmed (unavailable for entry) unless you specify ICMP as the Protocol.

ICMP Code

Specifies whether the value in the code field in ICMP packet headers will be used
as a criteria. The code value can be any decimal value from 0 to 255. You can

specify that the value must equal (eq) or not equal (neq) the specified value, or

you can select any to enable the rule to be invoked on all ICMP packets. This field

will be dimmed (unavailable for entry) unless you specify ICMP as the Protocol.

IP Frag Pkt

Determines how the rule applies to IP packets that contain fragments. You can
choose from the following options:
Yes: The rule will be applied only to packets that contain fragments.
No: The rule will be applied only to packets that do not contain fragments.
Ignore: (Default) The rule will be applied to packets whether or not they contain
fragments, assuming that they match the other criteria.

IP Option Pkt

Determines whether the rule should apply to IP packets that have options
specified in their packet headers.
Yes: The rule will be applied only to packets that contain header options.
No: The rule will be applied only to packets that do not contain header options.
Ignore: (Default) The rule will be applied to packets whether or not they contain
header options, assuming that they match the other criteria.

Packet Size

Specifies that the IP Filter rule will take affect only on packets whose size in bytes
matches this criteria. (lt = less than, gt = greater than, lteq = less than or equal

to, etc.)

TOD Rule Status The Time of Day Rule Status determines how the Start Time/End Time settings

are used.
Enable: (Default) The rule is in effect for the specified time period.
Disable: The rule is not in effect for the specified time period, but is effective at

all other times.


3. When you are done selecting criteria, ensure that Enable is selected and then click [Apply].

If the security level of the rule matches the globally configured setting, a green ball in the Oper.

Status column for that rule, indicating that the rule is now in effect. A red ball will display when the

rule is disabled or if its security level is different than the globally configured level.

4. Ensure that the Security Level and Private/Public/DMZ Default Action settings on the

IP Filter

Configuration

page are configured as needed, then click [Apply].

A page gives a receipt for the changes.

5. Select

Admin > Commit & Reboot and click [Save] to save your changes to permanent storage.

Rev:01_040220

61

This manual is related to the following products: