Filter Example

A filter for blocking the web service


Before configuring a filter, you need to know the following information:

1. The outbound packet type (protocol & port number)
2. The source IP address

Generally, the outbound packets for the Web service are one of the following:

a. HTTP packet, TCP (06) protocol with port number 80
b. DNS packet, TCP (06) protocol with port number 53 or
c. DNS packet, UDP (17) protocol with port number 53

To cover all workstations on the LAN, the source IP address will be 0.0.0.0. Otherwise, you have to enter the IP address of the workstation you want to block. See the procedure for configuring this filter below.

1. Create a filter set in Menu 21


                       Menu 21 - Filter Set Configuration

     Filter                               Filter
     Set #        Comments                Set #        Comments
     ------  -----------------            ------  -----------------
       1      Web Request                   7      _______________
       2                                    8      _______________
       3                                    9      _______________
       4                                   10      _______________
       5                                   11      _______________
       6      _______________              12      _______________
 
 

                    Enter Filter Set Number to Configure= 1

                    Edit Comments= 

                    Press ENTER to Confirm or ESC to Cancel:
 


2. Rule 1 for (a): HTTP packet, TCP (06), port number 80


                         Menu 21.1.1 - TCP/IP Filter Rule

                    Filter #: 1,1
                    Filter Type= TCP/IP Filter Rule
                    Active= Yes
                    IP Protocol= 6     IP Source Route= No
                    Destination: IP Addr= 0.0.0.0
                                 IP Mask= 0.0.0.0
                                 Port #= 80
                                 Port # Comp= Equal
                         Source: IP Addr= 0.0.0.0
                                 IP Mask= 0.0.0.0
                                 Port #=
                                 Port # Comp= None
                    TCP Estab= No
                    More= No           Log= None
                    Action Matched= Drop
                    Action Not Matched= Check Next Rule

                    Press ENTER to Confirm or ESC to Cancel:
 


3. Rule 2 for (b): DNS request, TCP (06), port number 53


                         Menu 21.1.2 - TCP/IP Filter Rule

                    Filter #: 1,2
                    Filter Type= TCP/IP Filter Rule
                    Active= Yes
                    IP Protocol= 6     IP Source Route= No
                    Destination: IP Addr= 0.0.0.0
                                 IP Mask= 0.0.0.0
                                 Port #= 53
                                 Port # Comp= Equal
                         Source: IP Addr= 0.0.0.0
                                 IP Mask= 0.0.0.0
                                 Port #=
                                 Port # Comp= None
                    TCP Estab= No
                    More= No           Log= None
                    Action Matched= Drop
                    Action Not Matched= Check Next Rule

                    Press ENTER to Confirm or ESC to Cancel:
 


4. Rule 3 for (c): DNS packet, UDP (17), port number 53


                         Menu 21.1.3 - TCP/IP Filter Rule

                    Filter #: 1,3
                    Filter Type= TCP/IP Filter Rule
                    Active= Yes
                    IP Protocol= 17     IP Source Route= No
                    Destination: IP Addr= 0.0.0.0
                                 IP Mask= 0.0.0.0
                                 Port #= 53
                                 Port # Comp= Equal
                         Source: IP Addr= 0.0.0.0
                                 IP Mask= 0.0.0.0
                                 Port #=
                                 Port # Comp= None
                    TCP Estab= No
                    More= No           Log= None
                    Action Matched= Drop
                    Action Not Matched= Forward

                    Press ENTER to Confirm or ESC to Cancel:
 

 
5. After the three rules are completed, you will see the rule summary in Menu 21.


                        Menu 21.1 - Filter Rules Summary

 # A Type                   Filter Rules         M m n
 - - ---- -------------------------------------- - - -
 1 Y IP   Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=80    N D N
 2 Y IP   Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=53    N D N
 3 Y IP   Pr=17, SA=0.0.0.0, DA=0.0.0.0,DP=53    N D F

 


6. Apply the filter set to the 'Output Protocol Filter Set' in the remote node setup 
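
The three-rule chain from steps 2 to 5, modelled in Python to show which rule decides each packet. This is an added example, not ZyXEL code. The match semantics (address ANDed with mask), the packet dictionaries, the sample LAN addresses and the forward-on-fall-through default are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

NEXT, DROP, FORWARD = "Check Next Rule", "Drop", "Forward"

@dataclass
class Rule:
    proto: int                 # IP Protocol= (6 = TCP, 17 = UDP)
    dport: int                 # Destination Port #=, with Port # Comp= Equal
    matched: str               # Action Matched=
    not_matched: str           # Action Not Matched=
    src_addr: str = "0.0.0.0"  # Source IP Addr=
    src_mask: str = "0.0.0.0"  # Source IP Mask= (0.0.0.0 matches every host)

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def rule_matches(rule, pkt):
    # Assumed semantics: source matches when (addr AND mask) is equal on both sides.
    # Destination address is 0.0.0.0/0.0.0.0 in every rule here, so it is not modelled.
    mask = _ip(rule.src_mask)
    return (pkt["proto"] == rule.proto and pkt["dport"] == rule.dport
            and _ip(pkt["src"]) & mask == _ip(rule.src_addr) & mask)

def evaluate(rules, pkt):
    """Walk the set top-down; return (action, number of the rule that decided)."""
    for number, rule in enumerate(rules, 1):
        action = rule.matched if rule_matches(rule, pkt) else rule.not_matched
        if action != NEXT:
            return action, number
    return FORWARD, None  # assumption: nothing decided, so the packet is forwarded

def web_block_set(src="0.0.0.0", mask="0.0.0.0"):
    """Rules 1,1 to 1,3 as entered in Menu 21.1.x; only the last one ends in Forward."""
    return [Rule(6, 80, DROP, NEXT, src, mask),
            Rule(6, 53, DROP, NEXT, src, mask),
            Rule(17, 53, DROP, FORWARD, src, mask)]

# Constructed sample packets (addresses are made up for this example).
SAMPLES = [("HTTP", {"src": "192.168.1.33", "proto": 6, "dport": 80}),
           ("DNS/TCP", {"src": "192.168.1.33", "proto": 6, "dport": 53}),
           ("DNS/UDP", {"src": "192.168.1.34", "proto": 17, "dport": 53}),
           ("SMTP", {"src": "192.168.1.34", "proto": 6, "dport": 25})]

if __name__ == "__main__":
    for name, pkt in SAMPLES:
        print(name, evaluate(web_block_set(), pkt))
```

Calling `web_block_set("192.168.1.33", "255.255.255.255")` models the single-workstation case: only that host's web traffic is dropped, and other hosts reach `Forward` at rule 3.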


All contents copyright © 2004 ZyXEL Communications Corporation.