Filter
Top Products
Security 7-21
3. Select Source IP Address and enter the source IP address this
filter will match on. You can enter a subnet or a host address.
4. Select Source IP Address Mask and enter a mask for the source
IP address. This allows you to further modify the way the filter will
match on the source address. Enter 0.0.0.0 to force the filter to
match on all source IP addresses, or enter 255.255.255.255 to
match the source IP address exclusively.
5. Select Dest. IP Address and enter the destination IP address this
filter will match on. You can enter a subnet or a host address.
6. Select Dest. IP Address Mask and enter a mask for the
destination IP address. This allows you to further modify the way
the filter will match on the destination address. Enter 0.0.0.0 to
force the filter to match on all destination IP addresses.
7. Select Protocol Type and enter ICMP, TCP, UDP, Any, or the
number of another IP transport protocol (see the table on
page 7-12).
Note: If Protocol Type is set to TCP or UDP, the settings for port
comparison that you configure in steps 8 and 9 will appear. These
settings only take effect if the Protocol Type is TCP or UDP.
8. Select Source Port Compare and choose a comparison method
for the filter to use on a packet’s source port number. Then select
Source Port ID and enter the actual source port number to match
on (see the table on page 7-10).
9. Select Dest. Port Compare and choose a comparison method for
the filter to use on a packet’s destination port number. Then
select Dest. Port ID and enter the actual destination port number
to match on (see the table on page 7-10).
10. When you are finished configuring the filter, select ADD THIS
FILTER NOW to save the filter in the filter set. Select CANCEL to
discard the filter.
TCP filter. You can increase security on connections using TCP by
filtering by protocol type and matching established TCP connections
only. With this filter attached to an active connection profile, no TCP
connections can be established from outside the firewall, increasing
network security.