User's guide
Introduction
Chain
A chain is a named profile that includes one or more rules that define the
following:
• A set of characteristics to look for in a packet
• What to do with any packet that has all the defined characteristics
The CS filter table contains a number of built-in chains. The CS administrator
can define additional chains and can edit the built-in chains. The built-in
chains are referenced according to the type of packet they handle as shown in
the following list:
• INPUT - For incoming packets.
• FORWARD - For packets being routed through CS.
• OUTPUT - For outgoing packets.
As defined in the rules for the default chains, all input packets, all output
packets, and all packets being forwarded are accepted.
Rule
Each chain can have one or more rules that define the following:
• The packet characteristics being filtered.
The packet is checked for characteristics defined in the rule. For example,
a specific IP header, input and output interfaces, TCP flags and protocol.
• What to do when the packet matches the rule.
The packet can be handled according to a specified target policy such as
accepted, dropped, returned, logged, or rejected.
When a packet is filtered, its characteristics are compared against the rules
one by one. All characteristics defined in a rule must match for that rule to
apply. If no matching rule is found, the default action for that chain is
applied.
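The evaluation order described above, modelled as an added example (not code from the CS or from this guide): rules are checked one by one, every characteristic in a rule must match, and the chain's default action applies when no rule decides. The `ssh_in` chain, the packet fields, the uppercase target names, and the assumption that a logged packet continues to the next rule are illustrative and not taken from the CS.

```python
from dataclasses import dataclass, field

BUILTIN = {"INPUT", "FORWARD", "OUTPUT"}
TERMINAL = {"ACCEPT", "DROP", "REJECT"}

@dataclass
class Rule:
    match: dict   # characteristic -> required value; every entry must match
    target: str   # terminal verdict, LOG, RETURN, or a user-defined chain name

@dataclass
class Chain:
    rules: list = field(default_factory=list)
    policy: str = "ACCEPT"   # built-in chains accept by default, per the guide

def evaluate(chains, name, packet, log):
    """Walk chain `name` rule by rule; return a verdict, or None on return to caller."""
    for rule in chains[name].rules:
        if any(packet.get(k) != v for k, v in rule.match.items()):
            continue                      # one characteristic differs: rule skipped
        if rule.target in TERMINAL:
            return rule.target            # first matching terminal rule decides
        if rule.target == "LOG":
            log.append((name, packet["src"]))   # assumed non-terminating
            continue
        if rule.target == "RETURN":
            break                         # stop here; caller resumes its own rules
        verdict = evaluate(chains, rule.target, packet, log)
        if verdict:
            return verdict
    return chains[name].policy if name in BUILTIN else None

def build(policy):
    # Constructed rule set: SSH only from one admin host, Telnet dropped.
    return {
        "INPUT": Chain([Rule({"proto": "tcp", "dport": 22}, "ssh_in"),
                        Rule({"proto": "tcp", "dport": 23}, "DROP")], policy),
        "ssh_in": Chain([Rule({"in_iface": "eth0"}, "LOG"),
                         Rule({"src": "192.0.2.10"}, "ACCEPT"),
                         Rule({}, "RETURN")]),
    }

ADMIN = {"proto": "tcp", "dport": 22, "src": "192.0.2.10", "in_iface": "eth0"}  # constructed packets
OTHER = {"proto": "tcp", "dport": 22, "src": "198.51.100.7", "in_iface": "eth0"}
TELNET = {"proto": "tcp", "dport": 23, "src": "198.51.100.7", "in_iface": "eth0"}

if __name__ == "__main__":
    for policy in ("ACCEPT", "DROP"):
        print(policy, [evaluate(build(policy), "INPUT", p, []) for p in (ADMIN, OTHER, TELNET)])
```

With the default ACCEPT action, the SSH packet from the non-admin host is still accepted because no rule decides it; with DROP as the default action the same packet is dropped.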
Administrators can do the following to specify packet filtering:
• Add a new chain and specify rules for that chain
• Add new rules to existing chains
• Edit a built-in chain or delete the built-in chain rules