Filter

How do I know what packet is triggering the call?


If the user already knows the protocol type, the source port and the IP address of the packet that is triggering the call, he can design the filter rule based on these information. Otherwise, he can take a look at the SMT Menu 24.1 to see what is the exact packet that triggers the outgoing call. The 'LAN Packet Which Triggered Last Call' status in Menu 24.1 will show you the packet which triggers the call. A display of the header of the packets is shown next.  

LAN Packet which Triggered Last Call: (Type: IP)
45 00 00 2E CA 0E 40 00 1F 06 D7 09 CC F7 CB B4 CC D9 00 02 04 1C 00 15 00 33 2D 5E 55 80 B5 C0 50 18 1F 9B E7 D4 00 00 50 41 53 56 0D 0A

We list the header of the IP, UDP and TCP in order to make you know more about the format of the IP packet and IPX packet in Menu 24.1 for easy configuration of a filter rule.

IP Header

0                                                                   15 16                                                                  31

4-bit
version

4-bit
length

8-bit type of service
(TOS)

16-bit total length (in bytes)

16-bit identification

3-bit
flag

13-bit fragment offset

8-bit time to live(TTL)

8-bit protocol

16-bit header checksum

32-bit source IP address

32-bit destination IP address

Option (if any)

Data

 

UDP Header

0                                                                   15 16                                                                   31

16-bit source port number 16-bit destination port number
16-bit UDP length 16-bit UDP checksum

Data (if any)


 

TCP Header

0                                                                   15 16                                                                   31

16-bit source port number

16-bit destination port number

32-bit sequence number

32-bit acknowledgment number

4-bit header length

Reserved
(6 bits)

U
R
G

A
C
K

P
S
H

R
S
T

S
Y
N

F
I
N

16-bit window size

16-bit TCP checksum

16-bit urgent pointer

Option (if any)

Data (if any)

Based on the above headers, we can then interpret the LAN Packet Which Triggered Last Call as following:  

LAN Packet which Triggered Last Call : (Type: IP)
45 00 00 2E CA 0E 40 00 1F 06 D7 09 CC F7 CB B4 CC D9 00 02 04 1C 00 15

06 = TCP Protocol
CC F7 CB B4= 204.247.203.180 = Source IP
CC D9 00 02= 204.217.0.2 = Destination IP
04 1C=1052(dec)= Source port number
00 15= 21(dec)=Destination port number = FTP port
 

IPX header in Menu 24.1:  

LAN Packet Which Triggered Last Call: (Type: IPX)
00 28 01 01 00 00 00 00 FF FF FF FF FF FF 04 53 00 00 00 00 00 00 00 00 00 0004 53 00 01 FF FF FF FF FF 00 00 00 00

01                   IPX packet type
00 00 00 00          Destination network number
FF FF FF FF FF FF    Destination node number
04 53                Destination socket number
00 00 00 00          Source network number
00 00 00 00 00 00    Source node number
04 53                Source socket number

IPX packet type:

01=RIP
02=echo
03=error
04=SAP
05=SPX
11=NCP
14=NetBIOS

Socket number:

0451=NCP
0451=SAP
0453=RIP
0455=NetBIOS


All contents copyright © 1999 ZyXEL Communications Corporation.