ATL Telecom AM30 User Manual

134

ATL Telecom User Guide
AM30

Field

Description

Protocol

The basic IP protocol criteria that must be
met for rule to be invoked. Using the
options in the drop-down list, you can
specify that packets must contain the
selected protocol (eq), that they must not
contain the specified protocol (neq), or that
the rule can be invoked regardless of the
protocol (any). TCP, UDP, and ICMP are
commonly IP protocols; others can be
identified by number from 0-255, as defined
by the Internet Assigned Numbers Authority
(IANA).

Apply Stateful
Inspection

When this option is enabled, packets are
monitored for their state (i.e., whether they
are the initiating packet or a subsequent
packet in an ongoing communication, etc).
This option provides a degree of security by
blocking/dropping packets that are not
received in the anticipated state. Such
packets can signify unwelcome attempt to
gain access to a network.

Source/Destination
Port

Port number criteria for the source
computer(s) (from which the packet
originates) and destination computers.
Port numbers identify the type of traffic that
the computer or server can handle and are
specified by the Internet Assigned Numbers
Authority (IANA). For example, port number
80 indicates a Web server, 21 indicates an
FTP server.
You can choose a port type by name from
the drop-down lists or, if not available in the
list, specify the IANA port number in the text
boxes. Select Any other port if this criteria
will not be used.
These fields will be dimmed (unavailable for
entry) unless you have selected TCP or UDP
as the protocol.
See the description of Src IP Address for the
statement options (any, eq, gt, etc.)

TCP Flag

Specifies whether the rule should apply only
to TCP packets that contain the synchronous
(SYN) flag, only to those that contain the
non-synchronous (NOT-SYN) flag, or to all
TCP packets. This field will be dimmed
(unavailable for entry) unless you selected
TCP as the protocol.