3 > ip filtering, Cs-116 – Austin Hughes CS - 116 User Manual

UM-CV-751-CS-116-Q215V1 www.austin-hughes.com

CS-116

2.3.1 IP

Filtering

The IP filtering function keeps unauthorized hosts from accessing to the IP serial console by specifying IP filtering rules. It is

important to fully understand what an IP filter is. If you don’t fully understand this, you will get unexpected results against your
original plan.

The IP address/ Mask specifies the host range by entering base host IP address followed by / and subnet mask. The host IP

addresses to be filtered based on the rule defined. The table below gives examples of IP address/ Mask settings.

Specified host range

Base Host IP address

Subnet mask

Any

host

0.0.0.0

0.0.0.0

192.168.1.120

192.168.1.120

255.255.255.255

192.168.1.1

~

192.168.1.254

192.168.1.0

255.255.255.0

192.168.0.1 ~ 192.168.255.254

192.168.0.0

255.255.0.0

192.168.1.1

~

192.168.1.126

192.168.1.0

255.255.255.128

192.168.1.129

~

192.168.1.254 192.168.1.128

255.255.255.128

The Port is a port or port range of the IP serial console which hosts try to access to.

Chain rule

The chain rule determines whether the access from the hosts is allowed or not. It can be one of the these two values :

■

ACCEPT : access allowed

■

DROP : access not allowed

When the IPCS receives a TCP packet, it will process the packet with the chain rule depicted below. The process ordering is

important; The packet will enter the chain rule 1 first, if meet the rule then take action directly, otherwise go to chain rule 2.

TCP packet

No

Rule 1

Rule 2

Rule ..

Rule n

Default Rule

Action 1

Yes

No

No

No

Action 2

Yes

Action 3

Action 4

Action 5

Yes

Yes

Yes

P.8

< 2.3 > IP Filtering