Filter Example

A filter for blocking a specific client


If you want to forbid a specific local client from triggering a call to ISP, you can configure a call filter set in Prestige to block the packets from this client. After the call filter is applied, the packet that is sent from this client would not trigger the call to your ISP or remote node. As long as the call is triggered by the other clients and the Internet connection is established, this workstation will be able to access the Internet or remote node.

1. Create a filter set in Menu 21, e.g., set 1

                       Menu 21 - Filter Set Configuration

     Filter                               Filter
     Set #        Comments                Set #        Comments
     ------  -----------------            ------  -----------------
       1       Block a client               7      _______________
       2                                    8      _______________
       3                                    9      _______________
       4      _______________              10      _______________
       5      _______________              11      _______________
       6      _______________              12      _______________
 
 

                    Enter Filter Set Number to Configure= 0

                    Edit Comments=

               Press ENTER to Confirm or ESC to Cancel:
 

2. One rule one for blocking all packets from this client


                         Menu 21.1.1 - TCP/IP Filter Rule

                    Filter #: 1,1
                    Filter Type= TCP/IP Filter Rule
                    Active= Yes
                    IP Protocol= 0     IP Source Route= No
                    Destination: IP Addr= 0.0.0.0
                                 IP Mask= 0.0.0.0
                                 Port #=
                                 Port # Comp= None
                         Source: IP Addr= 192.168.1.5
                                 IP Mask= 255.255.255.255
                                 Port #=
                                 Port # Comp= None
                    TCP Estab= N/A
                    More= No           Log= None
                    Action Matched= Drop
                    Action Not Matched= Forward

                    Press ENTER to Confirm or ESC to Cancel:

Key Settings:

3. Apply the filter set number '1' in the 'Call Filter Set' field of SMT menu 11.5 for taking active.


                         Menu 11.1 - Remote Node Profile

     Rem Node Name= Hinet                 Route= IP
     Active= Yes                          Bridge= No

     Call Direction= Outgoing             Edit PPP Options= No
     Incoming:                            Rem IP Addr= 0.0.0.0
       Rem Login= N/A                     Edit IP/IPX/Bridge= No
       Rem Password= N/A                  Telco Option:
       Rem CLID= N/A                       Allocated Budget(min)= 5
       Call Back= N/A                       Period(hr)= 1
     Outgoing:                              Transfer Type= 64K
       My Login= qwer                      Nailed-Up Connection= No
       My Password= ********              Session Options:
       Authen= CHAP/PAP                     Edit Filter Sets= Yes
       Pri Phone #= 4125678                 Idle Timeout(sec)= 300
       Sec Phone #=

                    Press ENTER to Confirm or ESC to Cancel:
 

 


                        Menu 11.5 - Remote Node Filter

                    Input Filter Sets:
                      protocol filters=
                        device filters=
                    Output Filter Sets:
                      protocol filters=
                        device filters=
                    Call Filter Sets:
                      protocol filters= 1
                        device filters=

 

4. If you want to prevent this client accessing the Internet or remote node, you can apply this filter set to SMT Menu 3.1, the 'protocol filter' in the Input Filter Sets


                     Menu 3.1 - General Ethernet Setup

                    Input Filter Sets:
                      protocol filters= 1
                        device filters=
                    Output Filter Sets:
                      protocol filters=
                        device filters=
 

 

After this filter set is applied to this field, the client (192.168.1.5) will not be allowed to access
the Internet or remote node any more.
 


All contents copyright © 1999 ZyXEL Communications Corporation.