beautypg.com

Nortel Networks WEB OS 212777 User Manual

Page 188

background image

Web OS 10.0 Application Guide

188

n

Chapter 7: Filtering

212777-A, February 2002

5.

Create a filter that will allow local clients to browse the Web.

The filter must recognize and allow TCP traffic to reach the local client destination IP addresses
if traffic originates from any HTTP source port:

6.

Create a filter that will allow local clients to Telnet anywhere outside the local intranet.

The filter must recognize and allow TCP traffic to reach the local client destination IP
addresses if originating from a Telnet source port:

7.

Create a series of filters to allow Domain Name System (DNS) traffic.

DNS traffic requires four filters; one pair is needed for UDP traffic (incoming and outgoing)
and another pair for TCP traffic (incoming and outgoing).

>> Filter 3# ../filt 4

(Select the menu for Filter 4)

>> Filter 4# sip any

(From any source IP address)

>> Filter 4# dip 205.177.15.0

(To base local network dest. address)

>> Filter 4# dmask 255.255.255.0

(For entire subnet range)

>> Filter 4# proto tcp

(For TCP protocol traffic)

>> Filter 4# sport http

(From any source HTTP port)

>> Filter 4# dport any

(To any destination port)

>> Filter 4# action allow

(Allow matching traffic to pass)

>> Filter 4# name allow clients Web browse

(Provide a descriptive name for the

filter)

>> Filter 4# ena

(Enable the filter)

>> Filter 4# ../filt 5

(Select the menu for Filter 5)

>> Filter 5# sip any

(From any source IP address)

>> Filter 5# dip 205.177.15.0

(To base local network dest. address)

>> Filter 5# dmask 255.255.255.0

(For entire subnet range)

>> Filter 5# proto tcp

(For TCP protocol traffic)

>> Filter 5# sport telnet

(From a Telnet port)

>> Filter 5# dport any

(To any destination port)

>> Filter 5# action allow

(Allow matching traffic to pass)

>> Filter 5# ena

(Enable the filter)