beautypg.com

Allied Telesis OmniConnect ISDN User Manual

Page 58

background image

OmniConnect / ISDN

User’s Manual

Page 52

Part number 613-10787-00

Compare Bitmask for the source IP address is used in conjunction with the source IP
address. The compare bit mask defines how many bits of the IP address are compared. When
this field is set to 0.0.0.0, the mask is ignored.

Destination IP Address is the IP address that the filter should check. When this field is set to
0.0.0.0, the destination IP address is ignored.

Compare Bitmask for the destination IP address is used in conjunction with the destination
IP address. The compare bit mask defines how many bits of the IP address are compared.
When this field is set to 0.0.0.0, the mask is ignored.

Source Port Number and Compare are valid only if the protocol type is TCP or UDP. The
Port number field indicates a port number. The Compare box has the following allowed
values: IGNORE, EQUALTO, NOTEQUALTO, GREATERTHAN and LESSTHAN. These
values in the compare field basically applies to the number value in the port number field e.g.
if the port number is 20 and the compare field is EQUALTO then all the packets selected by
the protocol type with port number equal to 20 will be acted upon by this filter.

Destination Port Number and Compare are valid only if the protocol type is TCP or UDP.
The Port number fiels indicates a port number. The Compare box has the following allowed
values: IGNORE, EQUALTO, NOTEQUALTO, GREATERTHAN and LESSTHAN. These
values in the compare field basically applies to the number value in the port number field. So
for e.g. if the port number is 20 and the compare field is EQUALTO then all the packets
selected by the protocol type with port number equal to 20 will be acted upon by this filter.

6.3.5.1. Filter examples – firewall

An example of using the advanced Filtering capability of the OmniConnect access device to
set up a firewall is provided in this section. The firewall blocks incoming Telnet sessions
originating from the Internet into the local LAN. In order to implement this firewall, the filter
shown in the Advanced Filter Screen should be implemented. The filter direction is set to
INCOMING since only Telnet sessions from the WAN are to be filtered. Forward Enabled is
not checked, indicating that all packets matching this filter are to be discarded. Finally, the
Protocol Type is set to TCP and the Destination Port Compare parameter is set to 23,
indication Telnet. Source Port, TCP Start of Connection and IP Address parameters are all
ignored. If the Source IP Address and Destination IP Address parameters are set to 0, these
comparisons are ignored.

See also other documents in the category Allied Telesis Computer hardware: