Netopia R910 User Manual

Parts of a filter

A filter consists of criteria based on packet attributes. A typical filter can match a packet on any one of the
following attributes:

The source IP address (where the packet was sent from)

The destination IP address (where the packet is going)

The type of higher-layer Internet protocol the packet is carrying, such as TCP or UDP

Port numbers

A filter can also match a packet’s port number attributes, but only if the filter’s protocol type is set to TCP or
UDP, since only those protocols use port numbers. The filter can be configured to match the following:

The source port number (the port on the sending host that originated the packet)

The destination port number (the port on the receiving host that the packet is destined for)

By matching on a port number, a filter can be applied to selected TCP or UDP services, such as Telnet, FTP, and
World Wide Web. The tables below show a few common services and their associated port numbers.

Port number comparisons

A filter can also use a comparison option to evaluate a packet’s source or destination port number. The
comparison options are:

No Compare: No comparison of the port number specified in the filter with the packet’s port number.

Not Equal To: For the filter to match, the packet’s port number cannot equal the port number specified in the
filter.

Internet service    TCP port    Internet service    TCP port
FTP                 20/21       Finger              79
Telnet              23          World Wide Web      80
SMTP (mail)         25          News                144
Gopher              70          rlogin              513

Internet service    UDP port    Internet service                           UDP port
Who Is              43          AppleTalk Routing Maintenance (at-rtmp)    202
World Wide Web      80          AppleTalk Name Binding (at-nbp)            202
SNMP                161         AURP (AppleTalk)                           387
TFTP                69          who                                        513
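
The matching rules described in this section, written out as an added Python example. It is not Netopia code. The class and field names, the CIDR notation for addresses, and the rule that every configured criterion must hold are assumptions made for illustration, and only the two comparison options listed above are modelled.

```python
# Added illustration; names and matching semantics are assumptions, not router firmware.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Only the two comparison options listed in this section are modelled.
COMPARE = {
    "No Compare": lambda filter_port, packet_port: True,
    "Not Equal To": lambda filter_port, packet_port: packet_port != filter_port,
}

@dataclass
class Packet:
    src: str
    dst: str
    protocol: str
    src_port: int = None   # None for protocols that carry no port numbers
    dst_port: int = None

@dataclass
class Filter:
    src_net: str = "0.0.0.0/0"       # assumption: CIDR notation for address criteria
    dst_net: str = "0.0.0.0/0"
    protocol: str = "ANY"            # "TCP", "UDP", or another protocol name
    src_compare: str = "No Compare"
    src_port: int = 0
    dst_compare: str = "No Compare"
    dst_port: int = 0

    def matches(self, pkt: Packet) -> bool:
        if ip_address(pkt.src) not in ip_network(self.src_net):
            return False
        if ip_address(pkt.dst) not in ip_network(self.dst_net):
            return False
        if self.protocol != "ANY" and pkt.protocol != self.protocol:
            return False
        # Port criteria apply only when the filter's protocol is TCP or UDP.
        if self.protocol in ("TCP", "UDP"):
            return (COMPARE[self.src_compare](self.src_port, pkt.src_port)
                    and COMPARE[self.dst_compare](self.dst_port, pkt.dst_port))
        return True

# Constructed samples: TCP from 192.168.1.0/24 to any destination port except Telnet (23).
not_telnet = Filter(src_net="192.168.1.0/24", protocol="TCP",
                    dst_compare="Not Equal To", dst_port=23)
web = Packet("192.168.1.10", "203.0.113.5", "TCP", 40000, 80)
telnet = Packet("192.168.1.10", "203.0.113.5", "TCP", 40001, 23)
# A port comparison set on a non-TCP/UDP filter is ignored.
icmp_filter = Filter(protocol="ICMP", dst_compare="Not Equal To", dst_port=23)
ping = Packet("192.168.1.10", "203.0.113.5", "ICMP")
```
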