USRobotics NETServer/16 Switch User Manual


 
8-10 Packet Filters
TCP and UDP parameters
TCP and UDP packets can be filtered by source and destination
port (socket) numbers. Because well-known services listen on
fixed ports, this allows you to permit or deny specific services.
<tcp|udp> src <lt|gt|eq> <TCP/UDP port #>
Compare the source port number in a TCP or UDP packet to a
specific value.
lt or lessthan      less than
eq or equal         equal to
gt or greaterthan   greater than
A sample rule might look something like this (permit TCP packets
whose source port is greater than 23):
permit tcp src gt 23
<tcp|udp> dst <lt|gt|eq> <TCP/UDP port #>
Compare the destination port number in a TCP or UDP packet to a
specific value. Example (deny UDP packets whose destination port
is 40):
deny udp dst eq 40
established or estab
Evaluates whether the packet belongs to an established connection.
Since UDP is not a connection-oriented protocol, this parameter
can only be used in TCP rules. Note that this is a per-packet test
of the TCP header flags (a packet with ACK or RST set is treated
as part of an established connection), not a lookup of connection
state: the filter cannot distinguish a genuine reply from a forged
packet whose flags make it look like one. Example:
permit tcp dest eq 192 established
Established is usually employed to restrict a normally two-way
connection to one direction. One example would be allowing
internal users to establish FTP sessions with external hosts
while denying external users FTP access to local hosts. Since a
single FTP session sends packets in both directions, simply
denying all inbound FTP packets would also block the replies to
the internal users' outbound sessions and kill FTP in both
directions. An inbound rule that permits FTP packets only when
established lets those replies through while still rejecting
connection attempts from outside. See the discussion of FTP below
for more information.
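The following is an added example, not code from the NETServer manual or the product: a small simulator of the rule syntax described above, used to walk through the one-way FTP case. It assumes first-match evaluation with an implicit deny when no rule matches, treats a packet with the TCP ACK flag set as "established", and accepts "dest" as an alias for "dst" (as the manual's own example uses it); these behaviours are assumptions, not statements about the NETServer implementation. The packets and rule sets are constructed for the demonstration.

```python
"""Simulator for NETServer-style TCP/UDP port filter rules (added example).

Assumptions (not taken from the manual): rules are evaluated first-match,
unmatched packets are denied, "established" means the ACK flag is set,
and "dest" is accepted as an alias of "dst".
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# Port comparison operators and their long-form aliases from the manual.
OPERATORS = {
    "lt": lambda port, val: port < val, "lessthan": lambda port, val: port < val,
    "eq": lambda port, val: port == val, "equal": lambda port, val: port == val,
    "gt": lambda port, val: port > val, "greaterthan": lambda port, val: port > val,
}

RULE_RE = re.compile(
    r"^(permit|deny)\s+(tcp|udp)"
    r"(?:\s+(src|dst|dest)\s+(lt|lessthan|eq|equal|gt|greaterthan)\s+(\d+))?"
    r"(?:\s+(established|estab))?\s*$"
)


@dataclass
class Packet:
    proto: str            # "tcp" or "udp"
    src_port: int
    dst_port: int
    ack: bool = False     # TCP ACK flag; ignored for UDP


@dataclass
class Rule:
    action: str                 # "permit" or "deny"
    proto: str                  # "tcp" or "udp"
    direction: Optional[str]    # "src", "dst" or None (no port test)
    op: Optional[str]
    port: Optional[int]
    established: bool


def parse_rule(text: str) -> Rule:
    """Parse one rule line, e.g. 'permit tcp dest eq 192 established'."""
    m = RULE_RE.match(text.strip())
    if not m:
        raise ValueError(f"unparseable rule: {text!r}")
    action, proto, direction, op, port, estab = m.groups()
    if estab and proto != "tcp":
        raise ValueError("established is only valid in tcp rules")
    if port is not None and not 0 <= int(port) <= 65535:
        raise ValueError(f"port out of range: {port}")
    if direction == "dest":
        direction = "dst"   # assumed alias (the manual's example uses 'dest')
    return Rule(action, proto, direction, op, int(port) if port else None, bool(estab))


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    """Stateless per-packet test: protocol, one port comparison, ACK flag."""
    if rule.proto != pkt.proto:
        return False
    if rule.op is not None:
        port = pkt.src_port if rule.direction == "src" else pkt.dst_port
        if not OPERATORS[rule.op](port, rule.port):
            return False
    if rule.established and not pkt.ack:
        return False
    return True


def evaluate(rules: List[Rule], pkt: Packet, default: str = "deny") -> str:
    """Return the action of the first matching rule, or the default."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return rule.action
    return default


def ftp_one_way_demo() -> dict:
    """Outbound-only FTP: internal users may reach port 21, outsiders may not."""
    inbound = [parse_rule(r) for r in ("permit tcp src eq 21 established", "deny tcp")]
    outbound = [parse_rule("permit tcp dst eq 21")]
    return {
        # internal client opens a control connection (SYN, no ACK)
        "outbound_syn": evaluate(outbound, Packet("tcp", 1025, 21)),
        # server's reply to it (SYN/ACK has ACK set) is let back in
        "inbound_synack": evaluate(inbound, Packet("tcp", 21, 1025, ack=True)),
        # outsider trying to open FTP to a local host is refused
        "inbound_syn_to_our_ftp": evaluate(inbound, Packet("tcp", 3000, 21)),
        # active-mode data connection from server port 20 is also refused
        "inbound_active_data_syn": evaluate(inbound, Packet("tcp", 20, 1026)),
        # forged packet from "port 21" with ACK set passes: no session state
        "inbound_forged_ack": evaluate(inbound, Packet("tcp", 21, 4444, ack=True)),
    }


if __name__ == "__main__":
    for name, verdict in ftp_one_way_demo().items():
        print(f"{name:26} {verdict}")
```

Two results in the demo are worth noting. The active-mode FTP data connection (opened by the server from port 20 back to the client) is denied by the established-only inbound rule, which is why FTP needs the separate treatment the manual refers to. And the forged ACK packet is permitted: because the test is on header flags rather than connection state, an established rule keeps out connection attempts but not arbitrary packets that already carry ACK.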