Filter
Top Products
Creating Filters Using the OfficeConnect Remote 840 Manager
12-5
The first is the direction/location of the packet. There are four static
direction/locations on which filters can be activated: incoming LAN traffic,
outgoing LAN traffic, incoming WAN traffic and outgoing WAN traffic.
Additionally, there are two for each Remote Site, traffic coming from and
going to each one.
The second criteria is whether the packet contains data that matches the
condition(s) in the filter. Conditions are defined based on protocol specific
information such as IP source address or IPX source socket number.
All filters are set up to discard packets (data filters). However, there are
two ways of specifying these actions: a “negative” and a “positive” way.
The negative action specifies that the packet or information is discarded if
the filter criteria met. The positive action specifies that the packet or
information is kept if the criteria is met. The positive way implies that all
packets or information not meeting the criteria are discarded. Either
method can be used for most filters. However, one or the other is almost
always more logical.
For example, imagine a small office with 20 workstations on the LAN. The
LAN is connected to a remote corporate office using an OfficeConnect
Remote 840. Two of the LAN workstations are used by contractors who
are not given access to the corporate office. To prevent traffic from the
two workstations from passing through the OfficeConnect Remote 840,
a filter is set up on the incoming/LAN direction/location. The most logical
filter is a “negative” filter that says “discard packet if IP source address is
equal to xxx.xxx.xxx.xxx or IP source address is equal to xxx.xxx.xxx.yyy”.
Of course you could write a “positive” filter which would say “forward
packet if IP source address is equal to <list of the 18 IP addresses that are
allowed to send traffic>”. However, you can see that the negative filter is
shorter (more efficient to apply) and easier to write and therefore the
better one to use.
Each direction/location can have up to fifteen filters. Each filter can have
up to six conditions. As you create the filter, you can select whether to
logically “and” or “or” conditions together. If you need a filter with more
than six conditions, you can create multiple filters that will be looked at
by the OfficeConnect Remote 840 as if they were one filter. The only
requirement is that the basic filter information (i.e., the protocol and the
action) must be the same in each of the filters. The filters will be “or”ed
together when they are merged internally.
840ug.book Page 5 Friday, July 7, 2000 2:23 PM