Filter
Top Products
Security 8-75
EE
EE
xx
xx
aa
aa
mm
mm
pp
pp
ll
ll
ee
ee
II
II
PP
PP
ff
ff
ii
ii
ll
ll
tt
tt
ee
ee
rr
rr
ss
ss
EE
EE
xx
xx
aa
aa
mm
mm
pp
pp
ll
ll
ee
ee
11
11
Write a filter rule that blocks the class C subnet represented by 200.1.1.0/25 from accessing the net.
Incoming packet has the source address of 200.1.1.28
To determine if the packet will match on the filter, perform a Boolean AND on the source IP address and the
filter’s source IP mask:
This incoming IP packet has a source IP address that matches the network address in the Source IP Address
field (whose last byte is binary 00000000) in the Netopia D-Series. This will not forward this packet.
EE
EE
xx
xx
aa
aa
mm
mm
pp
pp
ll
ll
ee
ee
22
22
Incoming packet has the source address of 200.1.1.184.
Filter Rule: 200.1.1.0 (Source IP Network Address)
255.255.255.128 (Source IP Mask)
Forward = No (What happens on match)
IP Address Binary Representation of
the last byte of the IP
address
200.1.1.28 00011100 (Source address in incoming IP packet)
AND
255.255.255.128 10000000 (Perform the logical AND)
00000000 (Logical AND result)
Filter Rule: 200.1.1.0 (Source IP Network Address)
255.255.255.128 (Source IP Mask)
Forward = No (What happens on match)
IP Address Binary Representation
200.1.1.184 10111000 (Source address in incoming IP packet)
AND