ZyXEL Communications ZYWALL IDP 10 User Manual

IDP Support Notes

33

What’s “Drop” and “Block Connection” for Action of User Defined
Policy?

Action of “Drop”, will drop the traffic that matches the defined policy silently. So the

sender would not get any response or error/warning message about the action.

“Block Connection” is for TCP traffic, since UDP is a connectionless protocol. When

users choose to Block the connection which matches the defined policy, then the

device will send TCP Reset to the both ends of the TCP connection.

How to use URL String in Content setup of User-defined policy?

A URL string is a complete web site address. Case sensitive is any string where

upper case and lower case letters are considered different.

The URL string is case insensitive, can include the character ‘?’ and spaces and

ignores character order. Therefore “/cgi-bin/foo.exe?p1=abc&p2=def” and

“/cgi-bin/foo.exe?p2=def&p1=abc” are considered a match. Extra parameters in the

payload don’t matter either. For example, a pattern

“/cgi-bin/foo.exe?p1=abc&p2=def” would match a packet with URL string

“/cgi-bin/foo.exe?p0=xyz&p1=abc&p2=def”.

What’s the definition of “Incoming” and “Outgoing” direction in a
policy setup?

A policy is bound to WAN or LAN interface when it’s created. If the policy is created

to check Incoming direction, then it’s applied on WAN interface. If the policy is

All contents copyright (c) 2004 ZyXEL Communications Corporation.