Filter configuration steps, Filter configuration steps -14, 3 example filter – ZyXEL Communications Prestige 310 User Manual

Prestige 310 Broadband Sharing Gateway

7-14

Filters

Drop

Once you have completed filling in Menu 21.4.1.1 - Generic Filter Rule, press [Enter] at the message
[Press Enter to Confirm] to save your configuration, or press [Esc] to cancel. This data will now be
displayed on Menu 21.1.1 - Filter Rules Summary.

7.3 Example

Filter

Let’s design a filter to block outside users from telnetting and using FTP connections into the Prestige. Please
see our Supporting CD for more example filters.

Figure 7-10

Filter Example

7.3.1 Before

you

begin

Before configuring a filter, you must know the following information:

1. The inbound packet type (protocol & port number): In this case, it is TCP (06) protocol with

port 21 (FTP) and port 23 (Telnet).

2. The source IP address: In this case, as all connections from outside are blocked, the source IP is

0.0.0.0.

3. The destination IP address: It is the Prestige's IP address if SUA is disabled and you have a static

IP; otherwise enter 0.0.0.0 as the destination IP. Once 0.0.0.0 is set as the destination IP, Telnet and
FTP connections are not allowed to reach the Prestige. For the LAN-to-LAN connection, you enter
the Prestige's LAN IP as the destination IP in the filter rule. After the Telnet_WAN filter is applied
to the remote node, it blocks the Telnet and FTP connections to the Prestige, but continues to permit
FTP connection to the local FTP server.

7.3.2 Filter Configuration Steps

Step 1.

Enter 21 from the Main Menu to open Menu 21.1 - Filter Set Configuration.

Step 2.

Enter the index of the filter set you wish to configure (e.g., 3) and press [Enter]

.