The filter list allows to examine filters generated by rules defined in the action, object and rule table.
Note: Please note that manually entered filter rules do not generate a fault indication and also
no error message. If you configure filters manually, you should in each case examine on the
basis of the filter list whether the desired filters were generated or not.
On Telnet level, the content of the filter list can be displayed with the command show filter:
Under WEBconfig the filter list has the following structure:
The individual fields in the filter list have the following meaning:
| Entry | Description |
|---|---|
| Idx. | Current index |
| Prot | Protocol to be filtered, e.g. 6 for TCP or 17 for UDP. |
| Src MAC | Ethernet source address of the packet to be filtered or 000000000000, if the filter should apply to all packets. |
| Src address | Source IP address or 0.0.0.0, if the filter should apply to all packets. |
| Source mask | Source network mask, which determinates the source network together with the source IP address, or 0.0.0.0, if the filter should apply to packets from all networks. |
| Q start | Start source port of the packets to be filtered. |
| Q end | End source port of the packets to be filtered. Makes up the port range together with the start source port, in which the filter takes effect. If start and end port are 0, then the filter is valid for all source ports. |
| Dst MAC | Ethernet destination address of the packet to be filtered or 000000000000, if the filter should apply to all packets. |
| Dst address | Destination address or 0.0.0.0, if the filter should apply to all packets. |
| Dst mask | Destination network mask, which determinates the destination network together with the destination IP address, or 0.0.0.0, if the filter should apply to packets to all networks. |
| Z start | Start destination port of the packets to be filtered. |
| Z end | Destination port of the packets to be filtered. Makes up the port range together with the start destination port, in which the filter takes effect. If start and end port are 0, so the filter is valid for all destination ports. |
| Action | Into this column, the "main action" is unveiled as a text, which will be executed when the first limit has been exceeded. The first limit can be also an implicit limit, e.g. if only one limit for the restriction of the throughput was configured. Then an implicit limit - linked with an "accept" action - is inserted. In this case, "accept" is unveiled as main action. You can see the complete actions under the command show filter. |
| Linked | Indicates whether it concerns a "first Match" rule (linked = no). Only with linked rules in the case of applying of this rule, also further rules are evaluated. |
| Prio | Priority of the rule having generated the entry. |