Filter Attributes
Filter Attributes
Each filter has the following attributes:
- Service
- BrickHouse includes a list of pre-defined common internet services. If you wish to enter your own custom service, choose 'Custom Service' and enter the Protocol and Port number.
- Filter Action
- Indicates the action that will be taken for internet traffic that
matches this filter. Either 'Allow' or 'Deny'.
- Protocol
- Indicates the internet traffic 'family' that matches this
filter.
- Port Expression
- Can be a port number, a range of port numbers, or port numbers
separated by commas. Only valid with 'udp' and 'tcp' protocols.
- Source Host
- Indicates which direction matching traffic originates from. Enter the IP address of the source host that the filter should apply to. You can use so-called 'CIDR' address notation to indicate an entire network. For example, '156.25.45.0/24'.
- Destination Host
- Indicates where matching traffic is going to. Enter the IP address of the source host that the filter should apply to. You can also use so-called 'CIDR' address notation to indicate an entire network. For example, '156.25.45.0/24'.
Advanced Options
Each filter has the following advanced, optional attributes. In order to use these
effectively, you currently need to be familiar with the syntax of the underlying ipfw
command line tool.
- IP Options
- A comma separated list of one or more of the following: ssrr,
lsrr, rr, and ts.
- TCP Flags
- A comma separated list of one or more of the following: fin, syn,
rst, psh, ack, and urg.
- ICMP Types
- A comma separated list of one or more of the following: 0, 3,
4, 5, 8, 9, 10, 11, 12, 13,
14, 15, 16, 17, 18.
- Enable Log
- By default, Deny rules have logging enabled, and Allow rules have logging disabled. Be careful not to enable logging on too many 'Allow' rules or you will generate very large log files.