Prestige 201 ISDN Access Router
6-8 Filter Configuration
There are two categories of filter rules, Device Filter (Generic) rules and Protocol Filter (TCP/IP) rules.
Device Filter rules act on the raw data from/to LAN and WAN. Protocol Filter rules act on the IP and IPX
packets. Generic and TCP/IP filter rules are discussed in more detail in the next section. When NAT/SUA
(Network Address Translation/Single User Account) is enabled, the inside IP address and port number are
replaced on a connection-by-connection basis, which makes it impossible to know the exact address and port
on the wire. Therefore, the Prestige applies the protocol filters to the “native” IP address and port number
before NAT/SUA for outgoing packets and after NAT/SUA for incoming packets. On the other hand, the
generic, or device filters are applied to the raw packets that appear on the wire. They are applied at the point
when the Prestige is receiving and sending the packets; i.e. the interface. The interface can be Ethernet, or
any other hardware port. The following diagram illustrates this.
Figure 6-6 Protocol and Device Filter Sets
To speed up filtering, all rules in a filter set must be of the same class, i.e., protocol filters or generic filters.
The class of a filter set is determined by the first rule that you create. When applying the filter sets to a port,
separate menu fields are provided for protocol and device filter sets. If you include a protocol filter set in a
device filters field or vice versa, the Prestige will warn you and will not allow you to save.
6.3.2 TCP/IP Filter Rule
This section shows you how to configure a TCP/IP filter rule. TCP/IP rules allow you to base the rule on the
fields in the IP and the upper layer protocol, e.g., UDP and TCP, headers.
To configure a TCP/IP rules, select TCP/IP Filter Rule from the Filter Type field and press [Enter] to open
Menu 21.1.1 - TCP/IP Filter Rule, as shown next.
Incoming
Device
Filters
S
U
A
Incoming
Protocol
Filters
Route
Outgoing
Protocol
Filters
S
U
A
Outgoing
Device
Filters
