6-30
C
HAPTER
6: M
ANUAL
S
ETUP
Protocol Rules
You can define protocol rules within each protocol section in the filter file. Protocol
rules determine which packets may and may not access the network. The rule
syntax is:
<line #> <verb> <keyword> <operator> <value>
The line # range is 1-10. This means you can combine up to 10 rules to create a
filter for a specific protocol. Additionally, line number 999 is used for the DENY
verb.
The combination of keyword, operator, and value forms the condition which
(when combined with the verb) determines whether a packet is accepted or
rejected.
When a packet is filtered, the router parses each rule defined in the protocol
section sequentially according to the line number. Filtering is performed based on
the first match that occurs. If there is no match, by default the packet is accepted.
For this reason, you should order your protocol rules so that the rules you expect
to be most frequently matched are in the beginning of the section. This reduces
the amount of parsing time that occurs during filtering. The following table
describes each field used in the rule syntax:
The OR operation can be implemented by successive rules. For example, to accept
a packet if the source address is xxx, or the destination address is yyy, the
IPX-SAP
IPX SAP advertising filter section
BR-ETH
Bridge protocol data filter
Table 6-3
Protocol Rules
Field
Description
line #
Each rule must have a unique line number from 1-10 plus 999 for the DENY verb.
You must arrange rules in increasing order.
Verb
This field can be one of the following:
ACCEPT
- Allow the packet access if the condition is met (use with DENY verb to
indicate reject all other packets).
REJECT
- Do not allow the packet access if the condition is met.
AND
- Logically use the AND condition with condition of the next rule to
determine if the packet is accepted or rejected. Both defined conditions must be
met.
Keyword
The keywords for all protocol, descriptions, corresponding operators and values.
Operator
Describes the relationship between the keyword and its value. The operator field
must be one of the following:
= Equal
!= Not equal
> Greater than
< Less than
>= Greater or Equal
<= Less or Equal
=> Generic
value
Contains a entity that is appropriate for the keyword.
Summary of Contents for OfficeConnect 3CP4144
Page 1: ...http www 3com com OfficeConnectTM Remote 812 ADSL Router CLI User s Guide Release 1 1 ...
Page 20: ...2 4 CHAPTER 2 CLI COMMAND CONVENTIONS AND TERMINOLOGY ...
Page 30: ...4 8 CHAPTER 4 QUICK SETUP ...
Page 36: ...5 6 CHAPTER 5 QUICK VC SETUP ...
Page 76: ...6 40 CHAPTER 6 MANUAL SETUP ...