Firewall tutorial, General firewall terms, Basic ip packet components – Netopia R5300 User Manual

Page 209: Basic protocol types, Firewall tutorial -31, General firewall terms -31, Basic ip packet components -31, About ip addressing


Security 13-31

Firewall tutorial

General firewall terms

Filter rule: A filter set is comprised of individual filter rules.

Filter set: A grouping of individual filter rules.

Firewall: A component or set of components that restrict access between a protected network and the Internet,
or between two networks.

Host: A workstation on the network.

Packet: Unit of communication on the Internet.

Packet filter: Packet filters allow or deny packets based on source or destination IP addresses, TCP or UDP
ports, or the TCP ACK bit.

Port: A number that defines a particular type of service.

Basic IP packet components

All IP packets contain the same basic header information, as follows:

Source IP Address        163.176.132.18
Destination IP Address   163.176.4.27
Source Port              2541
Destination Port         80
Protocol                 TCP
ACK Bit                  Yes
DATA                     User Data

This header information is what the packet filter uses to make filtering decisions. It is important to note that a
packet filter does not look into the IP data stream (the User Data from above) to make filtering decisions.

Basic protocol types

TCP: Transmission Control Protocol. TCP provides reliable packet delivery and has a retransmission
mechanism (so packets are not lost). RFC 793 is the specification for TCP.

UDP: User Datagram Protocol. Unlike TCP, UDP does not guarantee reliable, sequenced packet delivery. If data
does not reach its destination, UDP does not retransmit the data. RFC 768 is the specification for UDP.

There are many more ports defined in the Assigned Addresses RFC. The table that follows shows some of these
port assignments.
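
The header fields listed under Basic IP packet components, and the TCP/UDP distinction under Basic protocol types, as an added Python example that is not part of the Netopia manual: it parses a constructed packet carrying the manual's sample values and applies a first-match filter to the header fields only. The rule format, function names and payload are assumptions made for illustration, and packets are assumed to be unfragmented IPv4.

```python
import ipaddress
import struct

TCP, UDP = 6, 17  # IP protocol numbers carried in the IPv4 header

def parse_headers(pkt: bytes) -> dict:
    """Return only the header fields a packet filter inspects."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not a complete IPv4 header")
    ihl = (pkt[0] & 0x0F) * 4  # header length grows when IP options are present
    if ihl < 20 or len(pkt) < ihl:
        raise ValueError("bad IPv4 header length")
    f = {"src": ipaddress.IPv4Address(pkt[12:16]),
         "dst": ipaddress.IPv4Address(pkt[16:20]),
         "proto": pkt[9], "sport": None, "dport": None, "ack": None}
    l4 = pkt[ihl:]
    if f["proto"] in (TCP, UDP):
        if len(l4) < 4:
            raise ValueError("truncated transport header")
        f["sport"], f["dport"] = struct.unpack("!HH", l4[:4])
    if f["proto"] == TCP:
        if len(l4) < 14:
            raise ValueError("truncated TCP header")
        f["ack"] = bool(l4[13] & 0x10)  # ACK flag; UDP has no equivalent
    return f  # the payload after the headers is never examined

# Hypothetical rule format (not Netopia syntax): first match wins.
RULES = [
    {"action": "pass", "proto": TCP, "dst": "163.176.4.0/24", "dport": 80},
    {"action": "pass", "proto": TCP, "ack": True},  # packets of established connections
]

def decide(pkt: bytes, rules=RULES, default="drop") -> str:
    f = parse_headers(pkt)
    for rule in rules:
        conds = {k: v for k, v in rule.items() if k != "action"}
        if all(f[k] in ipaddress.ip_network(v) if k in ("src", "dst") else f[k] == v
               for k, v in conds.items()):
            return rule["action"]
    return default

def build_sample(dport=80, flags=0x18, payload=b"GET / HTTP/1.0\r\n\r\n") -> bytes:
    """Constructed packet using the manual's sample values (checksums left 0)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, TCP, 0,
                     ipaddress.IPv4Address("163.176.132.18").packed,
                     ipaddress.IPv4Address("163.176.4.27").packed)
    tcp = struct.pack("!HHIIBBHHH", 2541, dport, 1, 1, 0x50, flags, 8192, 0, 0)
    return ip + tcp + payload

if __name__ == "__main__":
    print(parse_headers(build_sample()), decide(build_sample()))
```

Changing the payload never changes the decision, while changing the destination port or the ACK flag does.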
