ZyXEL Communications ZYWALL10 User Manual
Page 107
ZyWALL 10 Internet Security Gateway
7-8
Filters
The following table describes how to configure your TCP/IP filter rule.
Table 7-3 TCP/IP Filter Rule Menu Fields
FIELD
DESCRIPTION
OPTIONS
Active
Yes activates the filter rule and No deactivates it.
Yes/No
IP Protocol
Protocol refers to the upper layer protocol, e.g., TCP is 6,
UDP is 17 and ICMP is 1. This value must be between 0
and 255. A value of 0 matches ANY protocol.
0-255
IP Source Route
If Yes, the rule applies to packet with IP source route
option; else the packet must not have source route option.
The majority of IP packets do not have source route.
Yes/No
Destination
IP Address
Enter the destination IP Address of the packet you wish to
filter. This field is ignored if it is 0.0.0.0.
0.0.0.0
IP Mask
Enter the IP mask to apply to the Destination: IP Addr.
0.0.0.0
Port #
Enter the destination port of the packets that you wish to
filter. The range of this field is 0 to 65535. This field is
ignored if it is 0.
0-65535
Port # Comp
Select the comparison to apply to the destination port in
the packet against the value given in Destination: Port #.
None/Less/Greater/
Equal/Not Equal]
Source
IP Address
Enter the source IP Address of the packet you wish to
filter. This field is ignored if it is 0.0.0.0.
0.0.0.0
IP Mask
Enter the IP mask to apply to the Source: IP Addr.
0.0.0.0
Port #
Enter the source port of the packets that you wish to filter.
The range of this field is 0 to 65535. This field is ignored if
it is 0.
0-65535
Port # Comp
Select the comparison to apply to the source port in the
packet against the value given in Source: Port #.
None/Less/Greater/
Equal/Not Equal
TCP Estab
This field is applicable only when the IP Protocol field is 6,
TCP. If Yes, the rule matches packets that want to
establish a TCP connection (SYN=1 and ACK=0); if No, it
is ignored.
Yes/No
More
If Yes, a matching packet is passed to the next filter rule
before an action is taken; if No, the packet is disposed of
Yes/No