Filter
Top Products
131
Cyclades-PR4000
Chapter 14 - Filters and Rules
Rules Lists
Rule List Name Rule Default List Linked
Status Scope Type Rule
List
slot1_in Enabled Permit Filter
Filter_list Name slot1_in
Rule 0
Status Enabled
Scope Deny
Protocol 0
Source IP Operator Equal
Source IP start 10.0.0.0
Source IP Mask 255.0.0.0
Destination IP Operator None
Source Port Operator None
Destination Port Operator None
TCP connections allowed Y
Account Process allowed N
Slot1_in, rule 0, prohibits any incoming packets with source IP addresses of the internal network. Since the
addresses used for internal networks cannot be routed on the Internet, they cannot be valid unless there is a leak
of traffic through another router to the perimeter network.
Imagine that, as shown in the figure, the network is expanded and another range of IP addresses is used (not a
sub-network). Rule 0 in the list Slot1_in will not protect this network. Either another rule can be added to this
list, or the new router can filter packets into its area (or both).