Chapter 38 Filter Configuration
ZyWALL 2 Plus User’s Guide
552
After you’ve created the filter set, you must apply it.
1
Enter 11 from the main menu to go to menu 11.
2
Enter 1 or 2 to open
Menu 11.x - Remote Node Profile
.
3
Go to the
Edit Filter Sets
field, press
[SPACE BAR]
to select
Yes
and press
[ENTER]
.
4
This brings you to menu 11.1.4. Apply a filter set (our example filter set 3) as shown in
5
Press
[ENTER
] to confirm after you enter the set numbers and to leave menu 11.1.4.
38.4 Filter Types and NAT
There are two classes of filter rules,
Generic Filter
(Device) rules and protocol filter (
TCP/
IP
) rules. Generic filter rules act on the raw data from/to LAN and WAN. Protocol filter
rules
act on the IP packets. Generic and TCP/IP filter rules are discussed in more detail in the next
section. When NAT (Network Address Translation) is enabled, the inside IP address and port
number are replaced on a connection-by-connection basis, which makes it impossible to know
the exact address and port on the wire. Therefore, the ZyWALL applies the protocol filters to
the “native” IP address and port number before NAT for outgoing packets and after NAT for
incoming packets. On the other hand, the generic, or device filters are applied to the raw
packets that appear on the wire. They are applied at the point when the ZyWALL is receiving
and sending the packets; i.e. the interface. The interface can be an Ethernet port or any other
hardware port. The following diagram illustrates this.
Figure 378
Protocol and Device Filter Sets
38.5 Firewall Versus Filters
Below are some comparisons between the ZyWALL’s filtering and firewall functions.
38.5.1 Packet Filtering:
• The router filters packets as they pass through the router’s interface according to the filter
rules you designed.
• Packet filtering is a powerful tool, yet can be complex to configure and maintain,
especially if you need a chain of rules to filter a service.
• Packet filtering only checks the header portion of an IP packet.
Содержание ADSL 2+ Security Gateway
Страница 1: ...www zyxel com ZyWALL 2 Plus Internet Security Appliance User s Guide Version 4 03 12 2007 Edition 1 ...
Страница 2: ......
Страница 25: ...Table of Contents ZyWALL 2 Plus User s Guide 25 Index 679 ...
Страница 26: ...Table of Contents ZyWALL 2 Plus User s Guide 26 ...
Страница 46: ...46 ...
Страница 88: ...Chapter 3 Wizard Setup ZyWALL 2 Plus User s Guide 88 ...
Страница 131: ...131 PART II Network LAN Screens 133 Bridge Screens 145 WAN Screens 151 DMZ Screens 171 Wireless LAN 181 ...
Страница 132: ...132 ...
Страница 144: ...Chapter 6 LAN Screens ZyWALL 2 Plus User s Guide 144 ...
Страница 180: ...Chapter 9 DMZ Screens ZyWALL 2 Plus User s Guide 180 ...
Страница 190: ...190 ...
Страница 209: ...Chapter 11 Firewall ZyWALL 2 Plus User s Guide 209 Figure 138 SECURITY FIREWALL Rule Summary Edit ...
Страница 221: ...Chapter 11 Firewall ZyWALL 2 Plus User s Guide 221 Figure 149 My Service Firewall Rule Example Rule Summary Completed ...
Страница 222: ...Chapter 11 Firewall ZyWALL 2 Plus User s Guide 222 ...
Страница 252: ...Chapter 13 Content Filtering Reports ZyWALL 2 Plus User s Guide 252 ...
Страница 265: ...Chapter 14 IPSec VPN ZyWALL 2 Plus User s Guide 265 Figure 178 SECURITY VPN VPN Rules IKE Edit Gateway Policy ...
Страница 274: ...Chapter 14 IPSec VPN ZyWALL 2 Plus User s Guide 274 Figure 181 SECURITY VPN VPN Rules IKE Edit Network Policy ...
Страница 306: ...Chapter 15 Certificates ZyWALL 2 Plus User s Guide 306 Figure 203 SECURITY CERTIFICATES My Certificates Create Basic ...
Страница 328: ...Chapter 16 Authentication Server ZyWALL 2 Plus User s Guide 328 ...
Страница 330: ...330 ...
Страница 346: ...Chapter 17 Network Address Translation NAT ZyWALL 2 Plus User s Guide 346 ...
Страница 350: ...Chapter 18 Static Route ZyWALL 2 Plus User s Guide 350 ...
Страница 398: ...Chapter 21 Remote Management ZyWALL 2 Plus User s Guide 398 ...
Страница 416: ...Chapter 24 ALG Screen ZyWALL 2 Plus User s Guide 416 ...
Страница 417: ...417 PART V Logs and Maintenance Logs Screens 419 Maintenance 447 ...
Страница 418: ...418 ...
Страница 423: ...Chapter 25 Logs Screens ZyWALL 2 Plus User s Guide 423 Figure 274 LOGS Log Settings ...
Страница 466: ...466 ...
Страница 474: ...Chapter 27 Introducing the SMT ZyWALL 2 Plus User s Guide 474 ...
Страница 496: ...Chapter 30 LAN Setup ZyWALL 2 Plus User s Guide 496 ...
Страница 504: ...Chapter 32 DMZ Setup ZyWALL 2 Plus User s Guide 504 ...
Страница 508: ...Chapter 33 Wireless Setup ZyWALL 2 Plus User s Guide 508 ...
Страница 556: ...Chapter 38 Filter Configuration ZyWALL 2 Plus User s Guide 556 ...
Страница 570: ...Chapter 40 System Information Diagnosis ZyWALL 2 Plus User s Guide 570 ...
Страница 586: ...Chapter 41 Firmware and Configuration File Maintenance ZyWALL 2 Plus User s Guide 586 ...
Страница 594: ...Chapter 42 System Maintenance Menus 8 to 10 ZyWALL 2 Plus User s Guide 594 ...
Страница 598: ...Chapter 43 Remote Management ZyWALL 2 Plus User s Guide 598 ...
Страница 603: ...603 PART VII Troubleshooting and Specifications Troubleshooting 605 Product Specifications 613 ...
Страница 604: ...604 ...
Страница 612: ...Chapter 45 Troubleshooting ZyWALL 2 Plus User s Guide 612 ...
Страница 620: ...620 ...
Страница 644: ...Appendix B Pop up Windows JavaScripts and Java Permissions ZyWALL 2 Plus User s Guide 644 ...
Страница 668: ...Appendix E Importing Certificates ZyWALL 2 Plus User s Guide 668 ...
Страница 672: ...Appendix F Legal Information ZyWALL 2 Plus User s Guide 672 ...
Страница 678: ...Appendix G Customer Support ZyWALL 2 Plus User s Guide 678 ...