Manualshelf

User`s guide

ManualsBrandsZhone ManualsComputer equipmentHotwire 5446
51525354555657585960
IP Filtering
7-2
8000-A2-GB21-10
June 1997
NOTE:
You can specify an input filter for one interface and an output filter for another
interface. Do not, however, specify an input filter and an output filter for the
same interface.
For each filter type, you must set up one or more of the following rule types on
the IP Filter Configuration screen (
Configuration
IP Router
IP Router Filters
):
A network address rule type to discard or forward packets/traffic from a
specified network or a segment of the network. This rule type can also be
used to enhance security by allowing access only to certain networks. The IP
address and subnet mask specified in the Destination address and
Destination address mask fields, or the Source address and
Source address mask fields of the IP Filter Configuration screen are
compared to the destination/source address contained in the IP header of the
packet.
A host address rule type to discard or forward packets/traffic from a
specified host. This rule type can also be used to enhance security by
allowing access only to certain hosts. The IP address and subnet mask
specified in the Destination address and Destination address
mask fields, or the Source address and Source address mask fields of
the IP Filter Configuration screen are compared to the destination/source
address contained in the IP header of the packet.
A socket address rule type to limit certain applications. This rule type is
used primarily when filtering TCP or UDP packets, and may be used in
conjunction with a network address rule type or a host address rule type. The
destination (socket) port number specified in the Destination Port No.
field and source (socket) port number specified in the Source Port No.
field of the IP Filter Configuration screen are compared to the destination and
source port numbers in the TCP or UDP header of the packet.
NOTE:
If both the source and destination port numbers are 0s (zeros), the system
filters ICMP packets in addition to the packet types defined in the rule.
In this release, up to 33 rules can be configured for each filter. By default, if you
do not specify rules, the system will forward packets.
For detailed information on the IP Filter Configuration screen and the IP Network
screen, see Chapters 5 and 6 of the
HotWire Digital Subscriber Line Access
Multiplexer (DSLAM) User’s Guide
.