beautypg.com

Policy-based routing using filtersets, Policy-based routing using filtersets -34 – Netopia Firmware 4000-Series User Manual

Page 258

background image

10-34 Firmware User Guide

FTP sessions. To allow WAN-originated FTP sessions to a LAN-based FTP ser ver with the IP address a.b.c.d
(corresponding to a numbered IP address such as 163.176.8.243), inser t the following input filter ahead of the
current input filter 1:

Enabled: Yes

For ward: Yes

Source IP Address: 0.0.0.0

Source IP Address Mask: 0.0.0.0

Dest. IP Address: a.b.c.d

Dest. IP Address Mask: 255.255.255.255

Protocol Type: TCP

Source Por t Comparison: No Compare

Source Por t ID: 0

Dest. Por t Comparison: Equal

Dest. Por t ID: 21

Note:

A similar filter could be used to permit Telnet or WWW access. Set the Dest. Por t ID to 23 for Telnet or

to 80 for WWW.

Note:

Deleting a filter set does not delete the filters in that set. However, the filters in the deleted set are no

longer in effect (unless they are par t of another set). The deleted set will no longer appear in the answer profile
or any connection profiles to which it was added.

Policy-based Routing using Filtersets

Previous firmware versions routed IP packets only by destination IP address. Netopia Firmware Version 5.4
offers the ability to route IP packets using criteria other than the destination IP address. This is called
policy-based routing. You are now able to route IP traffic based on the following:

source IP address

source and/or destination protocol field

source and/or destination por t numbers

TOS field

You specify the routing criteria and routing information by using IP filtersets to determine the for warding action
of a par ticular filter.

In previous firmware versions, a filter would either pass or block the specified traffic. Netopia Firmware Version
5.4 adds a third option, force routing. You specify a gateway IP address, and each packet matching the filter is
routed according to that gateway address, rather than by means of the global routing table.

In addition, the TOS field has been added to the classifier list in a filter. This allows you to filter on TOS field
settings in the IP packet, if you desire.

See also other documents in the category Netopia Hardware: