AWK-5232
Web Console Configuration
3-27
ATTENTION
Be careful when you enable the filter function:
Drop + “
no
entity on list is activated” = all packets are
allowed
Accept + “
no
entity on list is activated” = all packets are
denied
IP Protocol Filter
The AWK-5232’s IP protocol filter is a policy-based filter that can allow or filter out IP-based packets with
specified IP protocol and source/destination IP addresses.
The AWK-5232 provides 8 entities for setting IP protocol and source/destination IP addresses in your filtering
policy. Four IP protocols are available: All, ICMP, TCP, and UDP. You must specify either the Source IP or the
Destination IP. By combining IP addresses and netmasks, you can specify a single IP address or a range of IP
addresses to accept or drop. For example, “IP address 192.168.1.1 and netmask 255.255.255.255” refers to
the sole IP address 192.168.1.1. “IP address 192.168.1.1 and netmask 255.255.255.0” refers to the range of
IP addresses from 192.168.1.1 to 192.168.255. Remember to check the Active check box for each entity to
activate the setting.
Enable
Setting
Description
Factory Default
Enable
Enables IP protocol filter
Disable
Disable
Disables IP protocol filter
Policy
Setting
Description
Factory Default
Accept
Only the packets fitting the entities on the list can be allowed Drop
Drop
Any packet fitting the entities on the list will be denied
ATTENTION
Be careful when you enable the filter function:
Drop + “
no
entity on list is activated” = all packets are
allowed
.
Accept + “
no
entity on list is activated” = all packets are
denied
.
TCP/UDP Port Filter
The AWK-5232’s TCP/UDP port filter is a policy-based filter that can allow or filter out TCP/UDP-based packets
with a specified source or destination port.
The AWK-5232 provides 8 entities for setting the range of source/destination ports of a specific protocol. In
addition to selecting TCP or UDP protocol, you can set either the source port, destination port, or both. The end
port can be left empty if only a single port is specified. Of course, the end port cannot be larger then the start
port.