Filter
Top Products
ZyWALL 10/50 Internet Security Gateway
Filter Configuration 18-13
Table 18-4 Generic Filter Rule Menu Fields
FIELD DESCRIPTION OPTIONS
Filter # This is the filter set, filter rule co-ordinates, i.e., 2,3 refers to the second
filter set and the third rule of that set.
Filter Type Use [SPACE BAR] to select a rule type. Parameters displayed below
each type will be different. TCP/IP filter rules are used to filter IP
packets while generic filter rules allow filtering of non-IP packets.
Generic Filter
Rule
TCP/IP Filter
Rule
Active
Select Yes to turn on the filter rule or No to turn it off. Yes
Offset Enter the starting byte of the data portion in the packet that you wish to
compare. The range for this field is from 0 to 255.
0
(Default)
Length Enter the byte count of the data portion in the packet that you wish to
compare. The range for this field is 0 to 8.
0
(Default)
Mask Enter the mask (in Hexadecimal notation) to apply to the data portion
before comparison.
Value Enter the value (in Hexadecimal notation) to compare with the data
portion.
More
If Yes, a matching packet is passed to the next filter rule before an
action is taken; else the packet is disposed of according to the action
fields.
If More is Yes, then Action Matched and Action Not Matched will be
No.
Yes
No
Log Select the logging option from the following:
None - No packets will be logged.
Action Matched - Only packets that match the rule parameters will be
logged.
Action Not Matched - Only packets that do not match the rule
parameters will be logged.
Both – All packets will be logged.
None
Action Matched
Action Not
Matched
Both
Action
Matched
Select the action for a packet matching the rule.
Check Next Rule
Forward
Drop
Action Not
Matched
Select the action for a packet not matching the rule.
Check Next Rule
Forward Drop