Technical Library

Return to Filter Builder

This is a simplified filter building utility for many of our certified routers. It is designed to save you time by simplifying the syntax for router filters. In addition, the filters produced are formatted for "Cut and Paste" into your router. The Filter Builder makes exactly what you tell it to make. Please review any filter made with this utility before installing it.

The format is universal for all routers listed below.
The addresses are given in address/mask form. For example:

199.100.174.1/32

Refers to the single machine 199.100.174.1

199.100.174.0/24

Refers to the whole Class C network 199.100.170.0

"Quick Click" buttons are available for allowing and disallowing services. If you intended to create the filter in the text areas, you must select "Selective Filter" else your input will be ignored.

If you would like to use the Anti-Spoofing filters, you must list your internal networks with their masks.

Input Filter Assumptions:

• Allow all packets inbound that are for established connections.
• Block all incoming connection attempts that are not specifically allowed.

Output Filter Assumptions:

• Allow all packets outbound that are for established connections.
• Allow all outbound connection attempts that are not specifically blocked.

Syntax:

source/mask:destination/mask:action

Where:

• source = source network, subnet or host
• mask = netmask in bits; 32 for a host, 24 for Class C Networks
• destination = destination network, subnet or host
• action = The action taken on this service, "p" for Permit and "d" for Deny

Example of selective filter:

0.0.0.0/0:206.128.14.2/32:p

Allows everyone (0.0.0.0/0) to machine (206.128.14.2/32)

0.0.0.0/0:0.0.0.0/0:d

Denies all connections to every machine on your network