Specifications

Filters and Rules
60 AVM Access Server – 5 AVM Access Server Concepts and Functional Principles
Rules consist of the following components:

- A description of the packet type to which the rule applies. The AVM Access Server tests packets against the descriptions in the filter rules by three criteria:
  - Service: The rule may apply to all IP-based services, or only to certain services such as FTP or telnet, or just to specific service operations, such as FTP access to the LAN from the Internet.
  - Source of the packet: This is specified in the form of a network or host address.
  - Destination of the packet: This is also specified in the form of a network or host address.
- One of three actions, to be performed on packets that fit the description:
  - Accept: The packet is sent on to the destination address (or passed to the next filter).
  - Drop: The packet is not forwarded, but simply discarded, without notifying the sender. To the sender (and potential intruder), the effect is the same as if the AVM Access Server were not online or did not exist.
  - Reject: The packet is discarded, and an error message is returned to the sender.
- A logging instruction for packets handled by this rule. Log information is primarily used to detect intrusion attempts into the LAN and, if necessary, to trace their source. The log can also be used to test whether the filters are working as intended, and whether the rules actually match the packets to be filtered.

Each packet is tested against all rules in the list order, until it matches a rule’s description. That rule’s action is then applied to the packet. If the applicable action is “Drop” or “Reject”, then no other filtering is performed on the packet. If the applicable action is “Accept”, the packet is passed on to the next filter instance (or transmitted to its destination, if there are no further filters).

If no rule matches the packet and the default action of the filter profile
is “Accept”, the packet is passed on to the next filter.
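
The evaluation order described above can be modelled in a few lines. This is an added example, not code from the AVM Access Server or its manual; the rule fields, addresses and filter profiles are constructed for illustration, and it assumes that a profile's default action is applied whenever no rule matches.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:
    service: str       # "any" or a service name such as "ftp"
    src: str           # network or host address in CIDR form
    dst: str
    action: str        # "accept", "drop" or "reject"
    log: bool = False  # logging instruction for packets handled by this rule

    def matches(self, pkt):
        return (self.service in ("any", pkt["service"])
                and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst))

def run_filter(rules, default, pkt, log):
    """The first matching rule in list order decides; otherwise the default."""
    for idx, rule in enumerate(rules):
        if rule.matches(pkt):
            if rule.log:
                log.append((idx, rule.action, pkt["src"], pkt["dst"], pkt["service"]))
            return rule.action
    return default

def run_chain(filters, pkt, log):
    """Drop or reject ends filtering; accept hands the packet to the next filter."""
    for rules, default in filters:
        verdict = run_filter(rules, default, pkt, log)
        if verdict != "accept":
            return verdict
    return "accept"  # no further filters: transmit to the destination

def pkt(service, src, dst):
    return {"service": service, "src": src, "dst": dst}

# Constructed profiles: the LAN is assumed to be 192.168.1.0/24.
LAN, ANY = "192.168.1.0/24", "0.0.0.0/0"
FILTER_A = ([Rule("ftp", ANY, LAN, "reject", log=True),
             Rule("any", ANY, "192.168.1.10/32", "accept"),
             Rule("telnet", ANY, LAN, "drop", log=True)], "accept")
FILTER_B = ([Rule("any", "203.0.113.0/24", LAN, "drop", log=True)], "accept")
CHAIN = [FILTER_A, FILTER_B]

if __name__ == "__main__":
    log = []
    # Telnet to .10 is accepted: the broad accept rule precedes the telnet drop.
    print(run_chain(CHAIN, pkt("telnet", "198.51.100.7", "192.168.1.10"), log))
    print(run_chain(CHAIN, pkt("telnet", "198.51.100.7", "192.168.1.20"), log))
    print(log)
```

The first packet shows why list order matters: the telnet drop rule never sees traffic to 192.168.1.10 and writes no log entry for it, which is the kind of mismatch the log is meant to reveal.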