Defining Access Control Lists
75
■
ICMP Code
— If checked, enables specifying an ICMP message code
for filtering ICMP packets. ICMP packets that are filtered by ICMP
message type can also be filtered by the ICMP message code.
■
IGMP
— If checked, enables filtering IGMP packets for an IGMP
message type. The possible values are:
■
Select from List
— Selects an IGMP message type from a list.
■
IGMP Type
— Specifies an IGMP message type.
■
Any
— Does not filter for an IGMP message type.
■
Source IP Address
— If selected, enables matching the source port IP
address to which packets are addressed to the rule, according to a
wildcard mask. The field value is either user defined or
Any
. If
Any
is
selected, accepts any source IP address and disables wildcard mask
filtering.
■
Wild Card Mask
— Defines the source IP address wildcard mask.
Wildcard masks specify which bits are used and which bits are
ignored. A wildcard mask of 255.255.255.255 indicates that no bit
is important. A wildcard mask of 0.0.0.0 indicates that all the bits
are important. For example, if the source IP address is
149.36.184.198 and the wildcard mask is 0.0.0.255, the first three
bytes of the IP address are matched, while the last eight bits are
ignored. For the source IP address 149.36.184.198, this wildcard
mask matches all IP addresses in the range 149.36.184.0 to
149.36.184.255. A wildcard mask must not contain leading
zeroes. For example, a wildcard mask of 010.010.011.010 is
invalid, but a wildcard mask of 10.10.11.10 is valid.
■
Destination IP Address
— If selected, enables matching the
destination port IP address to which packets are addressed to the rule,
according to a wildcard mask. The field value is either user defined or
Any
. If
Any
is selected, accepts any destination IP address and disables
wildcard mask filtering.
■
Wild Card Mask
— Indicates the destination IP Address wildcard
mask. Wildcards are used to mask all or part of a destination IP
Address. Wildcard masks specify which bits are used and which
bits are ignored. A wildcard mask of 255.255.255.255 indicates
that no bit is important. A wildcard mask of 0.0.0.0 indicates that
all bits are important. For example, if the destination IP address
149.36.184.198 and the wildcard mask is 0.0.0.255, the first three
bytes of the IP address are matched, while the last eight bits are
ignored. For the destination IP address 149.36.184.198, this