User manual
8-20 Packet Filter
s
Filter Examples
This section provides examples that will help you build
commonly used filters.
This section describes the following topics:
• IP Packet Filter Rule Examples
• IPX Packet Filter Rule Examples
• AppleTalk Packet Filter Rule Examples
IP Packet Filter Rule Examples
This section briefly describes IP packet filtering options, and
provides rule examples for each IP packet filtering capability.
This section includes the following topics:
• Source and Destination Address Filtering
• Masks
• TCP and UDP Parameter Filtering
• IP RIP Packet Filtering
• ICMP Packet Filtering
• IP Call Filtering
Source and Destination Address Filtering
Source and destination address filtering is generally used to
limit permitted access to trusted hosts and networks only, to
explicitly deny access to hosts and networks that are not trusted,
or to limit external access to a given host (for example, a Web
server or a firewall).
Note that only the part of the IP address specified by the mask
field is used in the comparison. If a match is found, the packet
is forwarded (rules containing accept) or discarded (rules
containing reject).
The following rule example allows forwarding of IP packets
with source addresses that match the first 16 bits of the given IP
address (that is, addresses beginning with 192.77):