User`s guide
Table Of Contents
- Ascend Customer Service
- How to use this guide
- What you should know
- Documentation conventions
- How to use the on-board software
- Manual set
- Configuring WAN Connections
- Configuring IP Routing
- Introduction to IP routing on the Pipeline
- Managing the routing table
- Parameters that affect the routing table
- Static and dynamic routes
- Configuring static routes
- Specifying default routes on a per-user basis
- Enabling the Pipeline to use dynamic routing
- Route preferences
- Viewing the routing table
- Fields in the routing table
- Removing down routes to a host
- Identifying Temporary routes in the routing table
- Configuring IP routing connections
- Ascend Tunnel Management Protocol (ATMP)
- IP Address Management
- Connecting to a local IP network
- BOOTP Relay
- DHCP services
- Dial-in user DNS server assignments
- Local DNS host address table
- Network Address Translation (NAT) for a LAN
- Configuring IPX Routing
- How the Pipeline performs IPX routing
- Adding the Pipeline to the local IPX network
- Working with the RIP and SAP tables
- Configuring IPX routing connections
- Configuring the Pipeline as a Bridge
- Defining Filters and Firewalls
- Setting Up Pipeline Security
- Pipeline System Administration
- Pipeline 75 Voice Features
- IDSL Implementations
- APP Server utility
- About the APP Server utility
- APP Server installation and setup
- Configuring the Pipeline to use the APP server
- Using App Server with Axent SecureNet
- Creating banner text for the password prompt
- Installing and using the UNIX APP Server
- Installing and using the APP Server utility for DO...
- Installing and using the APP Server utility for Wi...
- Installing APP Server on a Macintosh
- Troubleshooting
- Upgrading system software
- What you need to upgrade system software
- Displaying the software load name
- The upgrade procedure
- Untitled
Defining Filters and Firewalls
Introduction to filters
6-2 Preliminary January 30, 1998 Pipeline User’s Guide
You can define conditions in filters to drop (reject) all packets except the ones
you explicitly allow, or allow all packets except the ones you explicitly drop.
Additionally, you can specify whether to apply the filter to inbound packets,
outbound packets, or all packets, regardless of their origin.
Depending on how a filter is used, it is either a data filter or a call filter. The
following describes each type:
• Data filter
Affects the flow of data. Packets are dropped (rejected) or forwarded
(accepted) as specified in the filter conditions. Mainly used for security.
• Call filter
Determines which packets can initiate a connection or reset the idle timer for
an established connection. Mainly used to prevent unnecessary connections.
Note:
Packets can pass through more than one filter. If both a data filter and call
filter are applied, the data filter takes precedence.
Data filters for dropping or forwarding certain packets
Data filters are commonly used for security, but they can be used for any purpose
that requires the Pipeline to drop or forward specific packets. For example, you
can use data filters to drop packets addressed to particular hosts, or to prevent
broadcasts from going across the WAN. You can also use data filters to allow
only specified devices to be accessed by users across the WAN.
Data filters do not affect the idle timer, and a data filter applied to a Connection
profile does not affect the answering process.
Figure 6-1. Data filters can drop or forward certain packets
WAN
Data Filter