Flag any of the above elements with Inverted to perform target action on packets not matching
any criteria specified in that line. For example, if you select DROP as the target action, specify
Inverted for a source IP address and do not specify any other criteria in the rule, any packets
arriving from any other source IP address than the one specified are dropped.
Numeric protocol options
If you select Numeric as the protocol when specifying a rule, you need to specify the desired
number.
TCP protocol options
If you select TCP as the protocol when specifying a rule, you can define the following options.
Field/Menu option Definition
Sourceor DestinationPort
Specifyasourceor destinationport number for filtering. Specifyarangeto
filter TCP packetsfor anyport number withinthe range.
TCPFlags
Specifyanyofthe flags:SYN (synchronize), ACK(acknowledge),FIN
(finish),RST (reset), URG(urgent),PSH (push) andone oftheAny,Set,or
Unsetconditionstofilter TCPpacketsfor the specifiedflagand selected
condition.
Table 1.4: TCP Protocol Option Definitions
UDP protocol options
Select UDP options by selecting UDP as the protocol when selecting a rule. Choose either the
Source or Destination Port from the field, as defined above.
ICMP protocol options
When you select ICMP as a protocol when specifying a rule, you can select the ICMP options
available on the display.
Target actions
The Target is the action to be performed on an IP packet that matches all the criteria specified
in a rule.
NOTE: If the LOGandREJECT targetsare selected, additionaloptionsareavailable.
For detailed information on LOG target options, see LOG target on page 83.
For detailed information on REJECT target options, see REJECT target on page 84.
8 Cyclades
®
ACS5000 Installation/Administration/User Guide
