beautypg.com

5 filter types and nat, Figure 176 protocol and device filter sets – ZyXEL Communications Prestige 2602R Series User Manual

Page 294

background image

Prestige 2602R Series User’s Guide

294

Chapter 30 Filter Configuration

30.5 Filter Types and NAT

There are two classes of filter rules, Generic Filter Device rules and Protocol Filter (TCP/IP)
rules. Generic Filter rules act on the raw data from/to LAN and WAN. Protocol Filter rules act
on IP packets.

When NAT (Network Address Translation) is enabled, the inside IP address and port number
are replaced on a connection-by-connection basis, which makes it impossible to know the
exact address and port on the wire. Therefore, the Prestige applies the protocol filters to the
“native” IP address and port number before NAT for outgoing packets and after NAT for
incoming packets. On the other hand, the generic (or device) filters are applied to the raw
packets that appear on the wire. They are applied at the point where the Prestige is receiving
and sending the packets; for instance, the interface. The interface can be an Ethernet, or any
other hardware port. The following figure illustrates this.

Figure 176 Protocol and Device Filter Sets

More

If Yes, a matching packet is passed to the next filter rule before an action is taken or

else the packet is disposed of according to the action fields.
If More is Yes, then Action Matched and Action Not Matched will be N/A.

Log

Select the logging option from the following:
None – No packets will be logged.

Action Matched – Only matching packets and rules will be logged.

Action Not Matched – Only packets that do not match the rule parameters will be

logged.

Both – All packets will be logged.

Action

Matched

Select the action for a matching packet. Choices are Check Next Rule, Forward or

Drop.

Action Not

Matched

Select the action for a packet not matching the rule. Choices are Check Next Rule,

Forward or Drop.

When you have completed this menu, press [ENTER] at the prompt “

Press ENTER to Confirm

or ESC to Cancel:

” to save your configuration, or press [ESC] at any time to cancel.

Table 97 Menu 21.1.5.1 Generic Filter Rule (continued)

FIELD

DESCRIPTION

See also other documents in the category ZyXEL Communications Hardware: