![]() |
Source IP and Mask
Destination IP and Mask With source IP, incoming packets are filtered for the specified IP address. With destination IP, outgoing packets are filtered.If you fill in a source or destination mask, all packets are filtered for IP addresses from the subnetwork in the specified netmask. The input interface (ethN) used by the incoming packet. The output interface (ethN) used by the outgoing packet. The types of packets to be filtered are All packets, 2nd, 3rd... fragmented packets, non-fragmented and 1st fragmented packets.Flag any of the above elements with Inverted to perform target action on packets not matching any criteria specified in that line. For example, if you select DROP as the target action, specify Inverted for a source IP address and do not specify any other criteria in the rule, any packets arriving from any other source IP address than the one specified are dropped.If you select Numeric as the protocol when specifying a rule, you need to specify the desired number.If you select TCP as the protocol when specifying a rule, you can define the following options.
Specify a source or destination port number for filtering. Specify a range to filter TCP packets for any port number within the range. Specify any of the flags: SYN (synchronize), ACK (acknowledge), FIN (finish), RST (reset), URG (urgent), PSH (push) and one of the Any, Set, or Unset conditions to filter TCP packets for the specified flag and selected condition.Select UDP options by selecting UDP as the protocol when selecting a rule. Choose either the Source or Destination Port from the field, as defined above.When you select ICMP as a protocol when specifying a rule, you can select the ICMP options available on the display.