Filter
Top Products
ZyWALL 2 and ZyWALL 2WE
Filter Configuration 19-11
19.2.3 Configuring a Generic Filter Rule
This section shows you how to configure a generic filter rule. The purpose of generic rules is to allow you
to filter non-IP packets. For IP, it is generally easier to use the IP rules directly.
For generic rules, the ZyWALL treats a packet as a byte stream as opposed to an IP or IPX packet. You
specify the portion of the packet to check with the Offset (from 0) and the Length fields, both in bytes. The
ZyWALL applies the Mask (bit-wise ANDing) to the data portion before comparing the result against the
Value to determine a match. The Mask and Value are specified in hexadecimal numbers. Note that it takes
two hexadecimal digits to represent a byte, so if the length is 4, the value in either field will take 8 digits,
for example, FFFFFFFF.
To configure a generic rule, select Generic Filter Rule in the Filter Type field in menu 21.1.4.1 and
press [ENTER] to open Generic Filter Rule, as shown below.
Figure 19-7 Menu 21.1.4.1: Generic Filter Rule
The following table describes the fields in the Generic Filter Rule menu.
Menu 21.1.4.1 - Generic Filter Rule
Filter #: 4,1
Filter Type= Generic Filter Rule
Active= No
Offset= 0
Length= 0
Mask= N/A
Value= N/A
More= No Log= None
Action Matched= Check Next Rule
Action Not Matched= Check Next Rule
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.