User guide
170
A filtering rule
The criteria are based on information contained in the packets. A filter is simply a rule that
prescribes certain actions based on certain conditions. For example, the following rule
qualifies as a filter:
“Block all Telnet attempts that originate from the remote host 199.211.211.17.”
This rule applies to Telnet packets that come from a host with the IP address
199.211.211.17. If a match occurs, the packet is blocked.
Here is what this rule looks like
when implemented as a filter in
Netopia Firmware Version 7.6.1:
To understand this particular fil-
ter, look at the parts of a filter.
Parts of a filter
A filter consists of criteria based
on packet attributes. A typical fil-
ter can match a packet on any
one of the following attributes:
•
The source IP address and sub-
net mask (where the packet was
sent from)
•
The destination IP address and
subnet mask (where the packet
is going)
•
The TOS bit setting of the
packet. Certain types of IP pack-
ets, such as voice or multimedia
packets, are sensitive to delays
introduced by the network. A delay-sensitive packet is identified by a special low-latency
setting called the TOS bit. It is important for such packets to be received rapidly or the
quality of service degrades.
•
The type of higher-layer Internet protocol the packet is carrying, such as TCP or UDP