Configuration manual
136 Chapter 11 Filter configuration
NN47922-501
Figure 61 Outgoing packet filtering process
For incoming packets, your Business Secure Router applies data filters only.
Packets are processed depending upon whether a match is found. The following
sections describe how to configure filter sets.
Filter Structure
A filter set consists of one or more filter rules. Usually, you group related rules,
for example, all the rules for NetBIOS, into a single set and give it a descriptive
name. With the Business Secure Router, you can configure up to twelve filter sets
with six rules in each set, for a total of 72 filter rules in the system. You cannot
mix device filter rules and protocol filter rules within the same set. You can apply
up to four filter sets to a particular port to block multiple types of packets. With
each filter set having up to six rules, you can have a maximum of 24 rules active
for a single port.
Sets of factory default filter rules are configured in menu 21 to prevent NetBIOS
traffic from triggering calls and to prevent incoming Telnet sessions. A summary
of their filter rules is shown in the figures that follow.
Figure 62 illustrates the logic flow when executing a filter rule. Also see
Figure 66 for the logic flow when executing an IP filter.
Data
Filtering
Outgoi ng
Pac k et
Drop
pack et
Built-in
defaul t
Call Filters
User-def i ned
Call Filters
(i f appl icabl e)
Initiate call
if line not u
p
Act ive Dat
a
Send packet
and reset
Idle Timer
Or Or
Drop packe
t
i f l ine not u
p
Drop packe
t
if line not u
p
Send packet
but do not r eset
Idle Timer
Send packet
but do not reset
Idle Timer
Matc h Matc hMatc h
No
matc h
No
matc h
No
matc h
Cal l Filtering