|
Q.
How does the Vigor IP Filter check outgoing or incoming traffic
?
The Filter System embedded in Vigor router consists of Filter Sets and Filter rules. There are 12 Filter Sets in the Date Filter System, and 7 Filter rules in every Filter Set.
The entry of this Filter System is specified by the Start Filter Set option in the General Setup:
When an outgoing or incoming packet is routed to the WAN, suppose that the WAN link of router is up and the Start Filter Set is setup to be Set 2, the packet will firstly pass through Filter Set 2.
As we know, there are 7 Filter rules in Filter Set 2 which is ticked as rule 1,2,3....7. The packet will pass through them one by one.
If the destination address/port and source address/port of this packet matches the destination address/port and source address/port configured in one of the Filter rules and the 'Pass or Block option' is setup to Pass or Block immediately, the filtering process will be stopped and the packet will be Passed or Blocked.
If the destination address/port and source address/port of this packet matches the related setting in one of the Filter rules and the 'Pass or Block option' is setup to 'Pass or Block if no further match', the packet will continue to pass through the remaining Filter rules, if no further rule matched, the packet will be passed or blocked.
If you want the Filter rule configured in Filter Set 3,4.....12 to be effective, please use the Next Filter Set option to link these Filter sets together:
The 'Branch to Other Filter Set' option in Filter rule will make the checking process directly jump to the specified Filter Set:
For example, if 'Branch to Other Filter Set' is setup to Set 10 in rule 2 of Filter Set 2, the packet will not be checked by the rule 3,4...7 of Filter Set 2 but the rule 1,2,3...7 in Filter Set 10.
|
|
|
Page last modified : 13 October 2008 |