ZyXEL Communications ATP200, Руководство пользователя

Страница: 544 / 852

Chapter 30 IDP
ZyWALL ATP Series User’s Guide
544
The header fields are discussed in the following table.
Select Configuration > Security Service . The Custom Signature Rules section shows a summary of all
custom signatures created. Click the SID or Name heading to sort. Click the Add icon to create a new
signature or click the Edit icon to edit an existing signature. You can also delete custom signatures here
or save them to your computer.
Note: The Zyxel Device checks all signatures and continues searching even after a match is
found. If two or more rules have conflicting actions for the same packet, then the Zyxel
Device applies the more restrictive action ( reject-both, reject-receiver or reject-sender,
drop, none in this order). If a packet matches a rule for reject-receiver and it also
matches a rule for reject-sender , then the Zyxel Device will reject-both .
30.3.1 Add / Edit Custom Signatures
Click the Add icon to create a new signature or click the Edit icon to edit an existing signature in the
screen as shown in Figure 354 on page 538 .
Table 220 IP v4 Packet Headers
HEADER DESCRIPTION
Version The value 4 indicates IP version 4.
IHL IP Header Length is the number of 32 bit words forming the total length of the header
(usually five).
Type of Service The Type of Service, (also known as Differentiated Services Code Point (DSCP)) is
usually set to 0, but may indicate particular quality of service needs from the network.
Total Length This is the size of the datagram in bytes. It is the combined length of the header and
the data.
Identification This is a 16-bit number, which together with the source address, uniquely identifies this
packet. It is used during reassembly of fragmented datagrams.
Flags Flags are used to control whether routers are allowed to fragment a packet and to
indicate the parts of a packet to the receiver.
Fragment Offset This is a byte count from the start of the original sent packet.
Time To Live This is a counter that decrements every time it passes through a router. When it
reaches zero, the datagram is discarded. It is used to prevent accidental routing
loops.
Protocol The protocol indicates the type of transport packet being carried, for example, 1 =
ICMP; 2= IGMP; 6 = TCP; 17= UDP.
Header Checksum This is used to detect processing errors introduced into the packet inside a router or
bridge where the packet is not protected by a link layer cyclic redundancy check.
Packets with an invalid checksum are discarded by all nodes in an IP network.
Source IP Address This is the IP address of the original sender of the packet.
Destination IP Address This is the IP address of the final destination of the packet.
Options IP options is a variable-length list of IP options for a datagram that define IP Security
Option, IP Stream Identifier , (security and handling restrictions for the military), Record
Route (have each router record its IP address), Loose Source Routing (specifies a list of
IP addresses that must be traversed by the datagram), Strict Source Routing (specifies
a list of IP addresses that must ONLY be traversed by the datagram), Timestamp (have
each router record its IP address and time), End of IP List and No IP Options .
Padding Padding is used as a filler to ensure that the IP packet is a multiple of 32 bits.