User Guide

STPro Firewall criteria

Interface related

criteria

IP related criteria

TCP related criteria

17 Network Security - Firewalling

212 / 288

3EC 36231 ABAA TCZZA Ed. 01

17.4 Firewall Criteria

At every hook (PIP) a separate access list, called chain, containing

an ordered list of rules will operate on each processed packet,

resulting in a specific treatment of this packet (See topic 'STPro

Firewall Actions').

A rule is able to operate on the following packet criteria:

 Interface related

 IP related

 TCP related

 UDP related

 ICMP related.

 Source interface

 Source interface group

 Destination interface

 Destination interface group.

 Source IP address

 Source IP netmask

 Destination IP address

 Destination IP netmask

 Type of service

 Protocol (TCP, UDP or ICMP).

 Source Port number

 Source Port number range

 Destination Port number

 Destination Port number range

 Synchronization flag

 Urgent flag.