ZyXEL P-660HW-T1 v3 User Guide - Page 226
Packet Filter Technical Reference
View all ZyXEL P-660HW-T1 v3 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 226 highlights
Chapter 12 Packet Filter Table 65 Security > Packet Filter > Edit (Generic Filter) > Edit Rule (continued) LABEL DESCRIPTION Log Select a logging option from the following: None - No packets will be logged. Match - Only packets that match the rule parameters will be logged. Not Match - Only packets that do not match the rule parameters will be logged. Action Match Both - All packets will be logged. Select the action for a matching packet. Action Not Match Options are Check Next Rule, Forward and Drop. Select the action for a packet not matching the rule. Back Apply Cancel Options are Check Next Rule, Forward and Drop. Click this to return to the previous screen without saving. Click this to save your changes. Click this to restore your previously saved settings. 12.3 Packet Filter Technical Reference This section provides some technical background information about the topics covered in this chapter. 12.3.1 Filter Types and NAT There are two classes of filter rules, generic filter rules and protocol filter rules. Generic filter rules act on the raw data from/to LAN and WAN. Protocol filter rules act on the IP packets. When NAT (Network Address Translation) is enabled, the inside IP address and port number are replaced on a connection-by-connection basis, which makes it impossible to know the exact address and port on the wire. Therefore, the ZyXEL Device applies the protocol filters to the "native" IP address and port number before NAT for outgoing packets and after NAT for incoming packets. On the other hand, the generic filters are applied to the raw packets that appear on the wire. They are applied at the point when the ZyXEL Device is 226 P-660HW-Tx v3 Series User's Guide