6-30 C HAPTER 6: M ANUAL SETUPProtocol RulesYou can define protocol rules within each protocol section in the filter file. Protocolrules determine which packets may and may not access the network. The rulesyntax is: The line # range is 1-10. This means you can combine up to 10 rules to create afilter for a specific protocol. Additionally, line number 999 is used for the DENYverb.The combination of keyword, operator, and value forms the condition which(when combined with the verb) determines whether a packet is accepted orrejected.When a packet is filtered, the router parses each rule defined in the protocolsection sequentially according to the line number. Filtering is performed based onthe first match that occurs. If there is no match, by default the packet is accepted.For this reason, you should order your protocol rules so that the rules you expectto be most frequently matched are in the beginning of the section. This reducesthe amount of parsing time that occurs during filtering. The following tabledescribes each field used in the rule syntax:The OR operation can be implemented by successive rules. For example, to accepta packet if the source address is xxx, or the destination address is yyy, theIPX-SAP IPX SAP advertising filter sectionBR-ETH Bridge protocol data filterTable 6-3 Protocol RulesField Descriptionline # Each rule must have a unique line number from 1-10 plus 999 for the DENY verb.You must arrange rules in increasing order.Verb This field can be one of the following:ACCEPT - Allow the packet access if the condition is met (use with DENY verb toindicate reject all other packets).REJECT - Do not allow the packet access if the condition is met.AND - Logically use the AND condition with condition of the next rule todetermine if the packet is accepted or rejected. Both defined conditions must bemet.Keyword The keywords for all protocol, descriptions, corresponding operators and values.Operator Describes the relationship between the keyword and its value. The operator fieldmust be one of the following:= Equal!= Not equal> Greater than< Less than>= Greater or Equal<= Less or Equal=> Genericvalue Contains a entity that is appropriate for the keyword.