beautypg.com

Chapter 9 filter setup configuration, 1 about filtering, 1 the filter structure of the expwave – ZyXEL Communications ZyXEL ExpWave 240B User Manual

Page 55: Execute filter rule, Filter set, Figure 9-1 filter rule process

background image

ExpWave 240B Secure Outdoor Ethernet Radio Link

Filter Setup

9-1

Chapter 9 Filter Setup Configuration

This chapter shows you how to create and apply filters.

9.1 About

Filtering

Your ExpWave uses filters to decide whether to allow passage of a data packet and/or to make a call. There are two
types of filter applications: data filtering and call filtering. Filters are subdivided into device and protocol filters, which
are discussed later.

Data filtering screens the data to determine if the packet should be allowed to pass. Data filters are divided into
incoming and outgoing filters, depending on the direction of the packet relative to a port. Data filtering can be applied
on either the WAN side or the LAN side. For incoming packets, your ExpWave applies data filters. Packets are
processed depending upon whether a match is found. The following sections describe how to configure filter sets.

9.1.1 The Filter Structure of the ExpWave

A filter set consists of one or more filter rules. Usually, you would group related rules, e.g., all the rules for NetBIOS,
into a single set and give it a descriptive name. The ExpWave allows you to configure up to twelve filter sets with six
rules in each set, for a total of 72 filter rules in the system. You cannot mix device filter rules and protocol filter rules
within the same set. You can apply up to four filter sets to a particular port to block multiple types of packets. With
each filter set having up to six rules, you can have a maximum of 24 rules active for a single port. See Figure 9-1 Filter
Rule Process for the logic flow when executing an IP filter.

Start

Fetch First

Filter Set

Fetch First

Filter Rule

Active?

Execute

Filter Rule

Fetch Next

Filter Rule

Next filter

Rule

Available?

Fetch Next

Filter Set

Next Filter Set

Available?

Accept Packet

Drop Packet

Yes

No

Yes

No

Yes

Packet into

filter

Filter Set

Forward

Drop

No

Check

Next
Rule

Figure 9-1 Filter Rule Process

See also other documents in the category ZyXEL Communications Hardware: