IP Filtering
7-3
8000-A2-GB21-30
April 1998
H A socket address rule type to limit certain applications. This rule type is
used primarily when filtering TCP or UDP packets, and may be used in
conjunction with a network address rule type or a host address rule type. The
destination (socket) port number specified in the Destination Port No.
field and source (socket) port number specified in the Source Port No.
field of the IP Filter Configuration screen are compared to the destination and
source port numbers in the TCP or UDP header of the packet.
NOTE:
If both the source and destination port numbers are 0s (zeros), the system
filters ICMP packets in addition to the packet types defined in the rule.
In this release, you can configure up to two filters on the MCC card and up to
eight filters on each DSL card. Also, up to 33 rules can be configured for each
filter. Keep in mind that for each filter, you will need to configure the default filter
action (either to forward or discard packets).
For detailed information on the IP Filter Configuration screen and the IP Network
screen, see Chapter 5,
DSL Card Configuration
and Chapter 6,
Monitoring the
Hotwire DSLAM
, of the
Hotwire DSLAM for 8540 and 8546 DSL Cards User’s
Guide
.
Security Advantages
Filtering provides security advantages on LANs as described in the following
subsections.
NOTE:
All upstream traffic from an ES is forwarded by a Hotwire 5246 or 5446 RTU
to the DSL card unless it is addressed to another ES (in the same subnet) on
the same LAN.
