2 configuring a filter rule, 3 tcp/ip filter rule – ZyXEL Communications ZYWALL10 User Manual

ZyWALL 10 Internet Security Gateway

Filters

7-7

ABBREVIATION

DESCRIPTION

GEN

Off

Offset

Len

Length

Refer to the next section for information on configuring the filter rules.

7.2.2 Configuring a Filter Rule

To configure a filter rule, type its number in Menu 21.1 - Filter Rules Summary and press [ENTER] to
open menu 21.1.1 for the rule.
To speed up filtering, all rules in a filter set must be of the same class, i.e., protocol filters or generic filters.
The class of a filter set is determined by the first rule that you create. When applying the filter sets to a
port, separate menu fields are provided for protocol and device filter sets. If you include a protocol filter set
in a device filter field or vice versa, the ZyWALL will warn you and will not allow you to save.

7.2.3 TCP/IP Filter Rule

This section shows you how to configure a TCP/IP filter rule. TCP/IP rules allow you to base the rule on
the fields in the IP and the upper layer protocol, e.g., UDP and TCP headers.
To configure TCP/IP rules, select TCP/IP Filter Rule from the Filter Type field and press [ENTER] to
open Menu 21.1.1 - TCP/IP Filter Rule, as shown next.

Figure 7-9 Menu 21.1.1.1 — TCP/IP Filter Rule

Menu 21.1.1.1 - TCP/IP Filter Rule

Filter #: 1,1
Filter Type= TCP/IP Filter Rule
Active= Yes
IP Protocol= 6 IP Source Route= No
Destination: IP Addr= 0.0.0.0

IP Mask= 0.0.0.0
Port #= 137
Port # Comp= Equal

Source: IP Addr= 0.0.0.0

IP Mask= 0.0.0.0
Port #=
Port # Comp= None

TCP Estab= No
More= No Log= None
Action Matched= Drop

Action Not Matched= Check Next Rule

Press ENTER to Confirm or ESC to Cancel:

Press Space Bar to Toggle.