User manual

Packet Filters 8-21
IP:
010 ACCEPT src-addr = 192.77.200.203/16;
The following rule example prevents forwarding of IP packets
with destination addresses that match the first 16 bits of the
given IP address (that is, addresses beginning with 188.39):
IP:
010 REJECT dst-addr = 188.39.150.166/16;
The following rule example allows forwarding of IP packets
with source address 192.77.100.32 and destination address
201.128.11.34:
IP:
010 AND src-addr = 192.77.100.32;
020 ACCEPT dst-addr = 201.128.11.34;
Masks
These fields specify the number of bits to be used in the source
address and destination address comparisons. Valid values are:
0   Match packets with any IP address. The contents of the
    source address or destination address field are not important.
8   Compare the first byte (octet) in the IP addresses.
16  Compare only the first two bytes of the IP addresses.
24  Compare only the first three bytes of the IP addresses.
32  Match the entire IP address (this value can be omitted).
The masks are separated from source address and destination
address by forward slashes (/).
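The following Python model, added here and not taken from the manual or the device, evaluates the rule syntax shown in the examples above to make the mask comparison concrete: with /16, a rule written with the host address 192.77.200.203 matches every address beginning with 192.77. The function names, the packet dictionary, first-match ordering by rule number, the handling of AND chains, and the None result for unmatched packets are assumptions.

```python
import ipaddress
import re

# Syntax as printed in the manual's examples: "010 REJECT dst-addr = 188.39.150.166/16;"
RULE_RE = re.compile(
    r"^\s*(\d+)\s+(ACCEPT|REJECT|AND)\s+(src-addr|dst-addr)\s*=\s*"
    r"(\d+\.\d+\.\d+\.\d+)(?:/(\d+))?\s*;\s*$"
)
VALID_MASKS = {0, 8, 16, 24, 32}  # the values the Masks section lists


def parse_rule(line):
    """Return (number, action, field, address_int, mask_bits) for one rule line."""
    m = RULE_RE.match(line)
    if not m:
        raise ValueError(f"unrecognised rule: {line!r}")
    number, action, field, addr, mask = m.groups()
    bits = 32 if mask is None else int(mask)  # an omitted mask means 32
    if bits not in VALID_MASKS:
        raise ValueError(f"mask /{bits} is not one of {sorted(VALID_MASKS)}")
    return int(number), action, field, int(ipaddress.IPv4Address(addr)), bits


def field_matches(rule, packet):
    """Compare only the first mask_bits bits of the rule and packet addresses."""
    _, _, field, rule_addr, bits = rule
    pkt_addr = int(ipaddress.IPv4Address(packet[field]))
    netmask = (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF  # bits=0 gives 0: match any
    return (rule_addr & netmask) == (pkt_addr & netmask)


def evaluate(rule_lines, packet):
    """Return 'ACCEPT', 'REJECT', or None when no rule matches.

    Assumption: an AND rule must match together with the rule after it, and a
    failed AND chain is skipped. What the device does with unmatched packets
    is not stated on this page, so None is returned for them.
    """
    chain_ok = True
    for rule in sorted(parse_rule(l) for l in rule_lines):
        chain_ok = chain_ok and field_matches(rule, packet)
        if rule[1] == "AND":
            continue
        if chain_ok:
            return rule[1]
        chain_ok = True  # reset for the next chain
    return None
```

Calling `evaluate` with a rule list and a packet such as `{"src-addr": "192.77.1.1", "dst-addr": "10.0.0.1"}` shows which addresses a given mask actually covers before the rule is loaded on a device.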
TCP and UDP Parameter Filtering
TCP and UDP packets are typically sent from and destined for
standard port numbers that provide common network services,
such as Domain Name Service, SNMP, and Telnet. You can
filter TCP and UDP packets by source and destination ports by
defining filter rules that compare the port number in a TCP or
UDP packet to a specific value.
The following rule example accepts only TCP packets that have
a source port number of 24 or greater.