Operation Manual

SFX SERIES USER’S GUIDE
Rev 2.2
Key      Description
Add      Add the information entered above the table to the table as the last row.
Remove   Delete the selected (highlighted) row.
Up       If there is more than one row in the table, move the selected row up one row.
Down     If there is more than one row in the table, move the selected row down one row.
Note: In some networks, NetManager may be configured to Set DNAT table rules. In this case rules sent by
NetManager will replace any entered in the receiver. NetManager can also be set to Allow local rules, in which case
locally entered rules will not be replaced. It is recommended that you contact your Service Provider before inputting
any rules.
Filtering
The Filtering submenu is responsible for maintenance of the Filtering Table in the receiver. This table defines up to 25
rules that can be used to filter on various IP packets, either by IP header or MAC address criteria. Filtering is
performed on incoming IP data, regardless of the network interface the packet originated from.
Filtering is done using options within the Linux iptables facility. More information on iptables can be obtained from the
manual or tutorial online at sites such as http://www.redhat.com. Additionally, you can contact IDC Customer Service
for a copy of the iptables tutorial (see Chapter 3). The iptables facility under Linux is extensive and complex, and
Filtering is only one part of this facility. The Filtering submenu is intended to make configuration of this function more
user-friendly.
Filtering only applies to packets that are routed through the receiver. It does not apply to packets that are targeted to
the receiver or packets that are generated by the receiver. These packet types are managed by the Firewalling
subsystem.
Filtering of incoming IP packets is performed by the receiver according to the following rules:
1. IP packets can originate from any of the available network interfaces and are processed by the receiver in
accordance with the data flow in Figure 2-12.
2. Up to 25 filtering rules can be maintained by the table. Rules are executed from the first rule to the last rule,
in sequence. Order matters; the first rule that is applicable to the incoming packet is applied. Subsequent
rules after that are ignored.
3. If there is no applicable rule in the Filtering table, the default rule is applied to the incoming packet.
4. Packets can be filtered by Source IP Address/Port or Destination IP Address/Port, or both. Ports can only be
specified if UDP or TCP protocols are selected.
5. Provision is made in the rule table for additional iptables options, allowing for maximum flexibility. However,
extreme care should be taken when using additional options, and the iptables tutorial must be consulted in
this case. (One example of option usage is MAC address filtering, using options such as
“-m mac --mac-source xx:xx:xx:xx:xx:xx”.)
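
The first-match ordering, default rule and port restriction in rules 2 to 4 above can be modelled offline to review a planned table before it is entered. This is an added example, not code from the manual or the receiver; the field names, the ACCEPT/DROP action names, the `default` parameter and the sample addresses are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional
MAX_RULES = 25  # table size stated in the manual
net, ip = ipaddress.ip_network, ipaddress.ip_address

@dataclass
class Rule:  # field names and ACCEPT/DROP actions are assumed, not the receiver's schema
    action: str
    proto: str = "all"  # "tcp", "udp" or "all"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    sport: Optional[int] = None
    dport: Optional[int] = None

def validate(rules):
    """Enforce the table size limit and allow ports only with TCP or UDP."""
    errs = [f"{len(rules)} rules, limit is {MAX_RULES}"] if len(rules) > MAX_RULES else []
    return errs + [f"rule {n}: port given but protocol is {r.proto}"
                   for n, r in enumerate(rules, 1)
                   if (r.sport, r.dport) != (None, None) and r.proto not in ("tcp", "udp")]

def matches(r, pkt):
    return (r.proto in ("all", pkt["proto"]) and ip(pkt["src"]) in net(r.src)
            and ip(pkt["dst"]) in net(r.dst)
            and r.sport in (None, pkt.get("sport")) and r.dport in (None, pkt.get("dport")))

def evaluate(rules, pkt, default):
    """First applicable rule wins and later rules are ignored; otherwise the default."""
    hits = ((r.action, n) for n, r in enumerate(rules, 1) if matches(r, pkt))
    return next(hits, (default, None))

def covers(a, b):
    """True when rule a matches every packet that rule b could match."""
    return (a.proto in ("all", b.proto) and net(b.src).subnet_of(net(a.src))
            and net(b.dst).subnet_of(net(a.dst))
            and a.sport in (None, b.sport) and a.dport in (None, b.dport))

def shadowed(rules):
    """(later, earlier) pairs where the later rule can never be the first applicable one."""
    return [(j + 1, i + 1) for j, b in enumerate(rules)
            for i, a in enumerate(rules[:j]) if covers(a, b)]

TABLE = [  # constructed sample table; addresses and ports are illustrative
    Rule("ACCEPT", "tcp", src="10.1.0.0/16", dport=80),
    Rule("DROP", "tcp", src="10.1.5.0/24", dport=80),  # never applied: rule 1 matches first
    Rule("DROP", dst="192.168.7.0/24"),
    Rule("ACCEPT", dport=53),  # invalid: port without TCP or UDP
]
```

A pair reported by `shadowed` usually means a narrow deny was placed below a broader allow; moving the narrow rule up with the Up key changes which one is applied.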
When the Filtering submenu item is selected under Data Delivery, the Filtering Table page is displayed for all
applicable filtering rules. A sample Filtering Table page is shown in Figure 2-31.