Rule-table
Use the rule table to combine individual objects into filter rules. The rule table contains the protocol to be filtered, the source objects, the target objects and the required filter action.
The protocol and the source or target objects can contain combined objects and also direct descriptions (e.g. %P6 for TCP).
A close look at the action options reveals that the previously implemented options are reduced to four separate settings. For this reason, the selection of options is initially limited by an input set, which contains the following setting options:
The rule table has the following structure (with DEFAULT values):
Name Prot. Source Target Action
WINS UDP, TCP anyhost netbios anyhost Internet-filt.

In addition to objects and object descriptions, protocol numbers can be entered directly in the protocol field: instead of %P6 for TCP, entering the protocol number 6 is sufficient. Because the field holds a protocol list, objects can also be separated here with commas in addition to '+' and spaces. A protocol range (separated with '-') cannot be specified, however.
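The protocol field syntax described above can be checked before a rule is entered. The following is an added example, not ELSA firmware code: the function name parse_protocol_field, the object table contents and the case-insensitive name matching are assumptions made for illustration.

```python
import re

# Constructed object table (assumption): object name -> IP protocol numbers.
# A real device resolves these names from its own object table.
PROTOCOL_OBJECTS = {"TCP": [6], "UDP": [17], "ICMP": [1]}

# The page allows commas, '+' and spaces as separators in the protocol field.
SEPARATORS = re.compile(r"[,+\s]+")


def parse_protocol_field(field, objects=PROTOCOL_OBJECTS):
    """Resolve a protocol field to a sorted list of IP protocol numbers.

    Accepts object names (TCP), direct descriptions (%P6) and bare
    protocol numbers (6). Ranges written with '-' are rejected, because
    the page states that a protocol range cannot be specified.
    """
    numbers = set()
    for token in filter(None, SEPARATORS.split(field.strip())):
        if "-" in token:
            raise ValueError(f"protocol ranges are not allowed: {token!r}")

        is_description = token.upper().startswith("%P")
        value = token[2:] if is_description else token

        if re.fullmatch(r"[0-9]+", value):
            number = int(value)
            # The IP protocol field is 8 bits wide.
            if number > 255:
                raise ValueError(f"protocol number out of range: {token!r}")
            numbers.add(number)
        elif not is_description and token.upper() in objects:
            # Name matching is case-insensitive here (assumption).
            numbers.update(objects[token.upper()])
        else:
            raise ValueError(f"unknown protocol entry: {token!r}")
    return sorted(numbers)


if __name__ == "__main__":
    # Constructed sample inputs, including the default WINS protocol list.
    for sample in ("UDP, TCP", "%P6", "6+17 ICMP"):
        print(sample, "->", parse_protocol_field(sample))
```

Rejecting malformed entries at input time keeps a mistyped range such as 6-17 from being silently read as something other than the intended protocol set.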
The previous LAN and WAN filters were added to the rules list as direct descriptions as follows:
The following table provides an overview of how the old LAN filters are entered into the new rule table. This is demonstrated in the last column using the NetBIOS filter as an example.
The following table provides the corresponding overview for the old WAN filters:
© Copyright 2001, ELSA AG http://www.elsa.de