Security 14-9
Putting the parts together
When you display a filter set, its filters are displayed as rows in a table:
The table’s columns correspond to each filter’s attributes:
#: The filter’s priority in the set. Filter number 1, with the highest priority, is first in the table.
Source IP Addr: The packet source IP address to match.
Dest IP Addr: The packet destination IP address to match.
Proto: The protocol to match. This can be entered as a number (see the table below) or as TCP or UDP if those
protocols are used.
Src. Port: The source port to match. This is the port on the sending host that originated the packet.
D. Port: The destination port to match. This is the port on the receiving host for which the packet is intended.
On?: Displays Yes when the filter is in effect or No when it is not.
Fwd: Shows whether the filter forwards (Yes) a packet or discards (No) it when there’s a match.
Protocol Number to use Full name
N/A 0 Ignores protocol type
ICMP 1 Internet Control Message Protocol
TCP 6 Transmission Control Protocol
UDP 17 User Datagram Protocol
+-#---Source IP Addr---Dest IP Addr-----Proto-Src.Port-D.Port--On?-Fwd-+
+----------------------------------------------------------------------+
| 1 192.211.211.17 0.0.0.0 TCP 0 23 Yes No |
| 2 0.0.0.0 0.0.0.0 TCP NC =6000 Yes No |
| 3 0.0.0.0 0.0.0.0 ICMP -- -- Yes Yes |
| 4 0.0.0.0 0.0.0.0 TCP NC >1023 Yes Yes |
| 5 0.0.0.0 0.0.0.0 UDP NC >1023 Yes Yes |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
+----------------------------------------------------------------------+