Configuring Filters 10-1
Chapter 10
Configuring Filters
This chapter provides information about configuring and using filters for your Model RP114 Web
Safe Router.
Filters are used to block certain packets, reduce traffic, and prevent security breaches. The router
uses packet filters to determine whether to allow or deny passage of each data packet, based on
information found in the packet. A filter is defined by rules declaring what information is to be
checked and what action is to be taken (forward or discard) when a match is found. Two types of
packet filters are supported by the router: IP protocol filters and generic or “device” filters. An IP
protocol filter screens the packet based on IP address and port information contained in the packet.
A generic filter looks for a specified pattern of bits at a specified location in the packet.
In the configuration of IP filters, it is necessary to specify ports and protocols by their assigned
numbers instead of names. A comprehensive list of protocol and port numbers for common IP
traffic can be found in IETF RFC1700, “Assigned Numbers.” Many common port numbers are
also listed on any Windows PC in a file called \windows\services.
The Model RP114 router allow you to customize filter sets according to your needs. The following
sections describe how to configure the filter sets for your router.
Router Filter Structure
You can configure up to 12 filter sets, each with up to six rules. For IP packets, these rules involve
comparing the protocol type of a data packet (for example, TCP, UDP), source or destination
address, or port number. Also, a generic filter may be defined to merely test for a byte or pattern of
bytes in a particular location in the packet. When a rule is met (or not met), a user-specified action
is taken. This action may be to forward the packet, drop the packet, or go to the next rule.