Central Site Remote Access Switch 301
CONFIGURING ADVANCED IP ROUTING
IP Filters

    EQ      equal to
    NEQ     not equal to
    LT      less than
    GT      greater than
    RANGE   inclusive range <= packet port value> =

Examples:

    EQ 23: TCP port for the Telnet protocol.
    RANGE 0 65535: Any TCP port (wild card and default).

TCP CONTROL

This element accesses the control bits of the TCP header, which are utilized to initiate and maintain the state of a TCP connection. “ANY” is the wild card and default value. TCP packets whose ACK or RST control bits are set will match the ESTABLISHED value, since they belong to an established connection. Conversely, a TCP packet which is attempting to open a new connection will carry neither of these bits and will match the NOT-ESTABLISHED value.

ICMP TYPE AND CODE

These fields allow filtering based on the specific function of an ICMP packet, via the Type and Code fields. Using an operator of EQUAL or NOT EQUAL, the packet’s Type/Code is compared against the target values. These values may be a numeric quantity between 0 and 255; or the mnemonic “ANY” can be used with an EQUAL comparison as the wild card value.

IP FILTERS BACKGROUND INFORMATION

A filter is a list of conditions. It is the logical element which is applied to a point in the routing process to control packet flow. Each condition within a filter is created from one of the previously-defined packet types, along with the action to take when a packet matches that type.

IP Filters modify the normal processing flow of an IP packet as it passes through the various stages of IP Processing. When an IP packet encounters a filter, the filter’s output - DISCARD or FORWARD - determines if the packet has permission to continue. There are two types of IP Filters. Forwarding Filters are selectively applied to the key locations in the IP routing process. The Connection Filter is applied to those datagrams which trigger a WAN connection in order to satisfy the forwarding process.

The following illustrates a packet that is passing through a filter.
The packet is checked against each of the individual conditions of the filter before an action is performed:
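The matching rules described above (port operators, the TCP control value, and a filter as a list of conditions with a DISCARD or FORWARD action), modeled as an added Python example that is not taken from the manual or the product. It assumes the port comparison applies to the destination port, that the first matching condition decides the action, and that an unmatched packet gets a configurable default; the names `PORT_OPS`, `tcp_control`, `matches`, `apply_filter` and `TELNET_FILTER` are hypothetical.

```python
# Added example: a model of the filter matching described above, not vendor code.
import operator

# Port operators from the manual; RANGE is inclusive on both ends.
PORT_OPS = {
    "EQ": operator.eq, "NEQ": operator.ne,
    "LT": operator.lt, "GT": operator.gt,
    "RANGE": lambda port, bounds: bounds[0] <= port <= bounds[1],
}
ACK, RST = 0x10, 0x04  # control bits in the TCP header flags field


def tcp_control(flags):
    """ESTABLISHED if ACK or RST is set, otherwise NOT-ESTABLISHED."""
    return "ESTABLISHED" if flags & (ACK | RST) else "NOT-ESTABLISHED"


def matches(cond, pkt):
    """True when the packet satisfies every field of one condition."""
    # Assumption: the port test is made against the destination port.
    op, value = cond.get("dst_port", ("RANGE", (0, 65535)))  # wild card default
    if not PORT_OPS[op](pkt["dst_port"], value):
        return False
    control = cond.get("tcp_control", "ANY")  # ANY is the wild card default
    return control == "ANY" or control == tcp_control(pkt["flags"])


def apply_filter(conditions, pkt, default="DISCARD"):
    """Assumption: the first matching condition decides; otherwise `default`."""
    for cond in conditions:
        if matches(cond, pkt):
            return cond["action"]
    return default


# Constructed filter: discard new Telnet connections, forward everything else.
TELNET_FILTER = [
    {"dst_port": ("EQ", 23), "tcp_control": "NOT-ESTABLISHED", "action": "DISCARD"},
    {"action": "FORWARD"},  # both fields left at their wild card defaults
]

if __name__ == "__main__":
    # Constructed packets: (description, destination port, TCP flags).
    for name, port, flags in [("SYN to 23", 23, 0x02), ("ACK to 23", 23, 0x10),
                              ("RST to 23", 23, 0x04), ("SYN to 80", 80, 0x02)]:
        pkt = {"dst_port": port, "flags": flags}
        print(f"{name:10} {tcp_control(flags):16} {apply_filter(TELNET_FILTER, pkt)}")
```
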