Home » ZyXEL Manuals » Networking » ZyXEL P-861H-G2 » Manual Viewer

ZyXEL P-861H-G2 User Guide - Page 197

Offset, Length, Value, Filter Type, Menu 21.1.5.1, Generic Filter Rule

Get ZyXEL P-861H-G2 PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 197 highlights

Prestige 861H Series User's Guide For generic rules, the Prestige treats a packet as a byte stream as opposed to an IP packet. You specify the portion of the packet to check with the Offset (from 0) and the Length fields, both in bytes. The Prestige applies the Mask (bit-wise ANDing) to the data portion before comparing the result against the Value to determine a match. The Mask and Value fields are specified in hexadecimal numbers. Note that it takes two hexadecimal digits to represent a byte, so if the length is 4, the value in either field will take 8 digits, for example, FFFFFFFF. To configure a generic rule select an empty filter set in menu 21, for example 5. Select Generic Filter Rule in the Filter Type field and press [ENTER] to open Menu 21.1.5.1 - Generic Filter Rule, as shown in the following figure. Figure 128 Menu 21.1.5.1 Generic Filter Rule Menu 21.1.5.1 - Generic Filter Rule Filter #: 5,1 Filter Type= Generic Filter Rule Active= No Offset= 0 Length= 0 Mask= N/A Value= N/A More= No Log= None Action Matched= Check Next Rule Action Not Matched= Check Next Rule Press ENTER to Confirm or ESC to Cancel: The next table describes the fields in the Generic Filter Rule menu. Table 58 Menu 21.1.5.1 Generic Filter Rule FIELD Filter # Filter Type Active Offset Length Mask Value More DESCRIPTION This is the filter set, filter rule coordinates, for instance, 2, 3 refers to the second filter set and the third rule of that set. Press [SPACE BAR] and then [ENTER] to select a type of rule. Parameters displayed below each type will be different. Choices are Generic Filter Rule or TCP/IP Filter Rule. Select Yes to turn on or No to turn off the filter rule. Type the starting byte of the data portion in the packet that you want to compare. The range for this field is from 0 to 255. Type the byte count of the data portion in the packet that you want to compare. The range for this field is 0 to 8. Type the mask (in Hexadecimal) to apply to the data portion before comparison. Type the value (in Hexadecimal) to compare with the data portion. If Yes, a matching packet is passed to the next filter rule before an action is taken or else the packet is disposed of according to the action fields. If More is Yes, then Action Matched and Action Not Matched will be N/A. Chapter 21 Filter Configuration 196

Section	Page
User’s Guide	1
Copyright	3
Federal Communications Commission (FCC) Interference Statement	4
Safety Warnings	6
ZyXEL Limited Warranty	7
Customer Support	8
Table of Contents	11
List of Figures	23
List of Tables	29
Preface	33
Introduction to DSL	35
Getting To Know Your Prestige	37
1.1 Introducing the Prestige	37
1.1.1 Features of the Prestige	37
1.1.2 Applications for the Prestige	39
1.1.2.1 Home Gateway Applications	39
1.1.3 Front Panel LEDs	42
1.1.4 Rear Panel	43
1.1.4.1 VDSL Port	43
1.1.4.2 Ground (Available on some models)	43
1.1.4.3 LAN 1 ~ 4	43
1.1.4.4 Console Port	43
1.1.4.5 Reset Button	43
1.1.4.6 Power Port	44
1.1.4.7 Turning On Your Prestige	44
Introducing the Web Configurator	45
2.1 Web Configurator Overview	45
2.1.1 Accessing the Prestige Web Configurator	45
2.1.2 Navigating the Prestige Web Configurator	46
2.2 Password	48
Wizard Setup for Internet Access	49
3.1 Introduction	49
3.1.1 Internet Access Wizard Setup	49
3.1.1.1 Internet Access Wizard Setup : Routing	50
3.1.1.2 Internet Access Wizard Setup : Bridge	57
LAN Setup	63
4.1 LAN Overview	63
4.1.1 LANs, WANs and the Prestige	63
4.1.2 DHCP Setup	63
4.1.2.1 IP Pool Setup	64
4.1.3 DNS Server Address	64
4.1.4 DNS Server Address Assignment	64
4.2 LAN TCP/IP	65
4.2.1 IP Address and Subnet Mask	65
4.2.1.1 Private IP Addresses	65
4.2.2 RIP Setup	66
4.2.3 Multicast	66
4.2.4 Configuring LAN	67
WAN Setup	71
5.1 WAN Overview	71
5.1.1 Encapsulation	71
5.1.1.1 ENET ENCAP	71
5.1.1.2 PPP over Ethernet	71
5.1.1.3 PPPoA	71
5.1.1.4 RFC 1483	72
5.1.2 LLC-based Multiplexing	72
5.1.3 VPI and VCI	72
5.1.4 IP Address Assignment	72
5.1.4.1 IP Assignment with PPPoA or PPPoE Encapsulation	72
5.1.4.2 IP Assignment with RFC 1483 Encapsulation	72
5.1.4.3 IP Assignment with ENET ENCAP Encapsulation	73
5.1.5 Nailed-Up Connection (PPP)	73
5.1.6 NAT	73
5.2 PPPoE Encapsulation	73
5.3 Traffic Shaping	74
5.3.1 ATM Traffic Classes	74
5.3.1.1 Constant Bit Rate (CBR)	74
5.3.1.2 Variable Bit Rate (VBR)	74
5.3.1.3 Unspecified Bit Rate (UBR)	74
5.3.2 Traffic Parameters	75
5.3.2.1 Peak Cell Rate (PCR)	75
5.3.2.2 Sustained Cell Rate (SCR)	75
5.3.2.3 Maximum Burst Size (MBS)	75
5.3.2.4 Minimum Cell Rate (MCR)	75
5.3.3 Cell Delay Variation Tolerance (CDVT)	76
5.3.4 Burst Tolerance (BT)	76
5.4 Permanent Virtual Circuit	76
5.4.1 PVC Example	76
5.5 Remote Node Screen	77
5.6 Zero Configuration Internet Access	79
5.7 Configuring WAN Setup	79
Network Address Translation (NAT) Screens	85
6.1 NAT Overview	85
6.1.1 NAT Definitions	85
6.1.2 What NAT Does	86
6.1.3 How NAT Works	86
6.1.4 NAT Application	87
6.1.5 NAT Mapping Types	88
6.2 SUA (Single User Account) Versus NAT	89
6.3 SUA Server	89
6.3.1 Default Server IP Address	89
6.3.2 Port Forwarding: Services and Port Numbers	89
6.3.3 Configuring Servers Behind SUA (Example)	90
6.4 Selecting the NAT Mode	90
6.5 Configuring SUA Server	91
6.6 Configuring Address Mapping	93
6.7 Editing an Address Mapping Rule	94
Dynamic DNS Setup	97
7.1 Dynamic DNS	97
7.1.1 DYNDNS Wildcard	97
7.2 Configuring Dynamic DNS	97
Time and Date	99
8.1 Configuring Time and Date	99
Remote Management Configuration	101
9.1 Remote Management Overview	101
9.1.1 Remote Management Limitations	101
9.1.2 Remote Management and NAT	102
9.1.3 System Timeout	102
9.2 Telnet	102
9.3 FTP	102
9.4 Web	102
9.5 SNMP	103
9.5.1 Supported MIBs	104
9.5.2 SNMP Traps	104
9.6 ICMP	104
9.7 Configuring Remote Management	105
Universal Plug-and-Play (UPnP)	107
10.1 Introducing Universal Plug and Play	107
10.1.1 How do I know if I'm using UPnP?	107
10.1.2 NAT Traversal	107
10.1.3 Cautions with UPnP	107
10.2 UPnP and ZyXEL	108
10.2.1 Configuring UPnP	108
10.3 Installing UPnP in Windows Example	109
10.4 Using UPnP in Windows XP Example	113
Logs Screens	121
11.1 Logs Overview	121
11.1.1 Alerts and Logs	121
11.2 Displaying the Logs	121
Maintenance	123
12.1 Maintenance Overview	123
12.2 System Status Screen	123
12.2.1 System Statistics	125
12.3 DHCP Table Screen	127
12.4 Diagnostic Screens	128
12.4.1 Diagnostic General Screen	128
12.4.2 Diagnostic DSL Line Screen	128
12.5 Firmware Screen	129
12.6 Configuration Screen	131
12.6.1 Backup Configuration	131
12.6.2 Restore Configuration	132
12.6.3 Default Screen	133
Introducing the SMT	135
13.1 SMT Introduction	135
13.1.1 Procedure for SMT Configuration via Telnet	135
13.1.2 Entering Password	135
13.1.3 Prestige SMT Menus Overview	136
13.2 Navigating the SMT Interface	137
13.2.1 System Management Terminal Interface Summary	138
13.3 Changing the System Password	139
Menu 1 General Setup	141
14.1 General Setup	141
14.2 Procedure To Configure Menu 1	141
14.2.1 Procedure to Configure Dynamic DNS	143
Menu 3 LAN Setup	145
15.1 LAN Setup	145
15.1.1 General Ethernet Setup	145
15.2 Protocol Dependent Ethernet Setup	146
15.3 TCP/IP Ethernet Setup and DHCP	146
Internet Access	149
16.1 Internet Access Overview	149
16.2 IP Policies	149
16.3 IP Alias	149
16.4 IP Alias Setup	150
16.5 Route IP Setup	151
16.6 Internet Access Configuration	152
Remote Node Configuration	155
17.1 Remote Node Setup Overview	155
17.2 Remote Node Setup	155
17.2.1 Remote Node Profile	155
17.2.2 Encapsulation and Multiplexing Scenarios	156
17.2.3 Outgoing Authentication Protocol	158
17.3 Remote Node Network Layer Options	159
17.3.1 My WAN Addr Sample IP Addresses	160
17.4 Remote Node Filter	161
17.5 Editing ATM Layer Options	162
17.5.1 LLC-based Multiplexing or PPP Encapsulation	162
17.5.2 Advance Setup Options	163
Static Route Setup	165
18.1 IP Static Route Overview	165
18.2 Configuration	165
Bridging Setup	169
19.1 Bridging in General	169
19.2 Bridge Ethernet Setup	169
19.2.1 Remote Node Bridging Setup	169
19.2.2 Bridge Static Route Setup	171
Network Address Translation (NAT)	173
20.1 Using NAT	173
20.1.1 SUA (Single User Account) Versus NAT	173
20.2 Applying NAT	173
20.3 NAT Setup	175
20.3.1 Address Mapping Sets	176
20.3.1.1 SUA Address Mapping Set	176
20.3.1.2 User-Defined Address Mapping Sets	177
20.3.1.3 Ordering Your Rules	178
20.4 Configuring a Server behind NAT	180
20.5 General NAT Examples	181
20.5.1 Example 1: Internet Access Only	181
20.5.2 Example 2: Internet Access with an Inside Server	182
20.5.3 Example 3: Multiple Public IP Addresses With Inside Servers	183
20.5.4 Example 4: NAT Unfriendly Application Programs	187
Filter Configuration	189
21.1 About Filtering	189
21.1.1 The Filter Structure of the Prestige	190
21.2 Configuring a Filter Set for the Prestige	191
21.3 Filter Rules Summary Menus	192
21.4 Configuring a Filter Rule	193
21.4.1 TCP/IP Filter Rule	194
21.4.2 Generic Filter Rule	196
21.5 Filter Types and NAT	198
21.6 Example Filter	198
21.7 Applying Filters and Factory Defaults	200
21.7.1 Ethernet Traffic	201
21.7.2 Remote Node Filters	201
SNMP Configuration	203
22.1 About SNMP	203
22.2 Supported MIBs	204
22.3 SNMP Configuration	204
22.4 SNMP Traps	205
System Information and Diagnosis	207
23.1 Overview	207
23.2 System Status	207
23.3 System Information	209
23.3.1 System Information	209
23.3.2 Console Port Speed	210
23.4 Log and Trace	211
23.4.1 Viewing Error Log	211
23.5 Diagnostic	212
Firmware and Configuration File Maintenance	215
24.1 Filename Conventions	215
24.2 Backup Configuration	216
24.2.1 Backup Configuration	216
24.2.2 Using the FTP Command from the Command Line	217
24.2.3 Example of FTP Commands from the Command Line	217
24.2.4 GUI-based FTP Clients	218
24.2.5 TFTP and FTP over WAN Management Limitations	218
24.2.6 Backup Configuration Using TFTP	219
24.2.7 TFTP Command Example	219
24.2.8 GUI-based TFTP Clients	219
24.3 Restore Configuration	220
24.3.1 Restore Using FTP	220
24.3.2 Restore Using FTP Session Example	221
24.4 Uploading Firmware and Configuration Files	222
24.4.1 Firmware File Upload	222
24.4.2 Configuration File Upload	222
24.4.3 FTP File Upload Command from the DOS Prompt Example	223
24.4.4 FTP Session Example of Firmware File Upload	224
24.4.5 TFTP File Upload	224
24.4.6 TFTP Upload Command Example	225
System Maintenance	227
25.1 Command Interpreter Mode	227
25.2 Call Control Support	228
25.2.1 Budget Management	228
25.3 Time and Date Setting	229
25.3.1 Resetting the Time	232
Remote Management	233
26.1 Remote Management Overview	233
26.2 Remote Management	233
26.2.1 Remote Management Setup	233
26.2.2 Remote Management Limitations	234
26.3 Remote Management and NAT	235
26.4 System Timeout	235
IP Policy Routing	237
27.1 IP Policy Routing Overview	237
27.2 Benefits of IP Policy Routing	237
27.3 Routing Policy	237
27.4 IP Routing Policy Setup	238
27.5 Applying an IP Policy	241
27.5.1 Ethernet IP Policies	241
27.6 IP Policy Routing Example	243
Call Scheduling	247
28.1 Introduction	247
Introduction to CLI	251
29.1 Command Line Interface Overview	251
29.1.1 Accessing the Command Line Interface	251
29.1.2 Command Conventions	251
29.1.3 Command Syntax Conventions	252
29.2 help Command	252
29.3 exit Command	252
System Commands	253
30.1 System Commands Overview	253
30.2 System Configuring	253
30.3 sys Commands	253
30.4 sys Command Examples	256
30.4.1 sys version	256
30.4.2 sys logs errlog disp	257
30.4.3 sys logs errlog clear Command Example	257
Ethernet, IP and WAN Commands	259
31.1 Ethernet Commands	259
31.2 IP Commands	259
31.3 ip Command Examples	262
31.3.1 ip ping	262
31.3.2 ip route status	263
31.3.3 ip arp status	263
31.4 WAN Commands	264
VDSL Commands	265
32.1 VDSL Commands Overview	265
32.2 Command Summary	265
32.2.1 vdsl Commands	265
32.3 VDSL Default Values	266
32.3.1 Service Categories	266
32.4 Interleave Delay	267
32.5 SNR (Signal-to-Noise-Ratio)	267
32.6 VDSL Command Examples	268
32.6.1 VDSL Port Command	268
32.6.2 VDSL Clear Port Clear Counter	269
32.6.3 PVC List Command	269
32.6.4 Activate the VDSL Current Port Profile	270
32.6.5 Reset VDSL Profile	271
32.6.6 Band Plans	271
32.6.7 Show Profile Command	271
32.6.8 VDSL Version Command	272
Troubleshooting	273
33.1 Problems Starting Up the Prestige	273
33.2 Problems with the LAN	273
33.3 Problems with the WAN	274
33.4 Problems Accessing the Prestige	275
33.4.1 Pop-up Windows, JavaScripts	275
33.4.1.1 Internet Explorer Pop-up Blockers	275
33.4.1.2 JavaScripts	278
Product Specifications	281
Setting up Your Computer’s IP Address	285
Windows 95/98/Me	285
Installing Components	286
Configuring	287
Verifying Settings	288
Windows 2000/NT/XP	288
Verifying Settings	293
Macintosh OS 8/9	293
Verifying Settings	295
Macintosh OS X	295
Verifying Settings	296
IP Subnetting	297
IP Addressing	297
IP Classes	297
Subnet Masks	298
Subnetting	298
Example: Two Subnets	299
Example: Four Subnets	301
Example Eight Subnets	302
Subnetting With Class A and Class B Networks.	303
Boot Commands	305
NetBIOS Filter Commands	307
Introduction	307
Display NetBIOS Filter Settings	307
NetBIOS Filter Configuration	308
Splitters and Microfilters	311
Connecting a POTS Splitter	311
Telephone Microfilters	311
Prestige With ISDN	312
PPPoE	313
PPPoE in Action	313
Benefits of PPPoE	313
Traditional Dial-up Scenario	313
How PPPoE Works	314
Prestige as a PPPoE Client	314
Log Descriptions	315
Log Commands	329
Configuring What You Want the Prestige to Log	329
Displaying Logs	330
Log Command Example	330
Loop Reach	331
Testing Conditions	331
Band Plan : 998_138_12000(4B)	332
Band Plan : 998_138_8500(3B)	332
Band Plan : 997_138_8500(4B)	332
ASCII Characters	333
ASCII Code	333
Index	335
Numerics	335
A	335
B	335
C	335
D	335
E	336
F	336
G	336
H	337
I	337
L	337
M	337
N	338
O	338
P	338
Q	339
R	339
S	339
T	340
U	340
V	340
W	341
X	341

Match case Limit results 1 per page

Prestige 861H Series User’s Guide

Chapter 21 Filter Configuration

196

For generic rules, the Prestige treats a packet as a byte stream as opposed to an IP packet. You

specify the portion of the packet to check with the

Offset

(from 0) and the

Length

fields, both

in bytes. The Prestige applies the Mask (bit-wise ANDing) to the data portion before

comparing the result against the Value to determine a match. The

Mask

and

Value

fields are

specified in hexadecimal numbers. Note that it takes two hexadecimal digits to represent a

byte, so if the length is 4, the value in either field will take 8 digits, for example, FFFFFFFF.

To configure a generic rule select an empty filter set in menu 21, for example 5. Select

Generic Filter Rule

in the

Filter Type

field and press

[ENTER]

to open

Menu 21.1.5.1 –

Generic Filter Rule

, as shown in the following figure.

Figure 128

Menu 21.1.5.1 Generic Filter Rule

Menu 21.1.5.1 - Generic Filter Rule

Filter #: 5,1

Filter Type= Generic Filter Rule

Active= No

Offset= 0

Length= 0

Mask= N/A

Value= N/A

More= No

Log= None

Action Matched= Check Next Rule

Action Not Matched= Check Next Rule

Press ENTER to Confirm or ESC to Cancel:

The next table describes the fields in the

Generic Filter Rule

menu.

Table 58

Menu 21.1.5.1 Generic Filter Rule

FIELD

DESCRIPTION

Filter #

This is the filter set, filter rule coordinates, for instance, 2, 3 refers to the second filter

set and the third rule of that set.

Filter Type

Press [SPACE BAR] and then [ENTER] to select a type of rule. Parameters displayed

below each type will be different. Choices are

Generic Filter Rule

TCP/IP Filter

Rule

Active

Select

Yes

to turn on or

to turn off the filter rule.

Offset

Type the starting byte of the data portion in the packet that you want to compare. The

range for this field is from 0 to 255.

Length

Type the byte count of the data portion in the packet that you want to compare. The

range for this field is 0 to 8.

Mask

Type the mask (in Hexadecimal) to apply to the data portion before comparison.

Value

Type the value (in Hexadecimal) to compare with the data portion.

Yes

, a matching packet is passed to the next filter rule before an action is taken or

else the packet is disposed of according to the action fields.

Yes

, then

Action Matched

and

Action Not Matched

will be

N/A