ZyXEL ZyWALL ATP700 User Guide - Page 603
Add / Edit Custom Signatures
View all ZyXEL ZyWALL ATP700 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 603 highlights
Chapter 29 IDP The header fields are discussed in the following table. Table 235 IP v4 Packet Headers HEADER DESCRIPTION Version The value 4 indicates IP version 4. IHL IP Header Length is the number of 32 bit words forming the total length of the header (usually five). Type of Service The Type of Service, (also known as Differentiated Services Code Point (DSCP)) is usually set to 0, but may indicate particular quality of service needs from the network. Total Length This is the size of the datagram in bytes. It is the combined length of the header and the data. Identification This is a 16-bit number, which together with the source address, uniquely identifies this packet. It is used during reassembly of fragmented datagrams. Flags Flags are used to control whether routers are allowed to fragment a packet and to indicate the parts of a packet to the receiver. Fragment Offset This is a byte count from the start of the original sent packet. Time To Live This is a counter that decrements every time it passes through a router. When it reaches zero, the datagram is discarded. It is used to prevent accidental routing loops. Protocol The protocol indicates the type of transport packet being carried, for example, 1 = ICMP; 2= IGMP; 6 = TCP; 17= UDP. Header Checksum This is used to detect processing errors introduced into the packet inside a router or bridge where the packet is not protected by a link layer cyclic redundancy check. Packets with an invalid checksum are discarded by all nodes in an IP network. Source IP Address This is the IP address of the original sender of the packet. Destination IP Address This is the IP address of the final destination of the packet. Options IP options is a variable-length list of IP options for a datagram that define IP Security Option, IP Stream Identifier, (security and handling restrictions for the military), Record Route (have each router record its IP address), Loose Source Routing (specifies a list of IP addresses that must be traversed by the datagram), Strict Source Routing (specifies a list of IP addresses that must ONLY be traversed by the datagram), Timestamp (have each router record its IP address and time), End of IP List and No IP Options. Padding Padding is used as a filler to ensure that the IP packet is a multiple of 32 bits. Select Configuration > Security Service. The Custom Signature Rules section shows a summary of all custom signatures created. Click the SID or Name heading to sort. Click the Add icon to create a new signature or click the Edit icon to edit an existing signature. You can also delete custom signatures here or save them to your computer. Note: The Zyxel Device checks all signatures and continues searching even after a match is found. If two or more rules have conflicting actions for the same packet, then the Zyxel Device applies the more restrictive action (reject-both, reject-receiver or reject-sender, drop, none in this order). If a packet matches a rule for reject-receiver and it also matches a rule for reject-sender, then the Zyxel Device will reject-both. 29.3.1 Add / Edit Custom Signatures Click the Add icon to create a new signature or click the Edit icon to edit an existing signature on the screen as shown in Figure 398 on page 597. ZyWALL ATP Series User's Guide 603