The filter list allows you to examine the filters that are generated from the rules specified in the action, object and rule tables.
Important: If a filter is defined manually from the command line or in WEBconfig and there are errors in the syntax, no entry will be created in the filter list. In this case, no error message will be output. If you configure the filters manually, you should always use the filter list to check whether the desired filters have actually been created.
On the command line, the filters that have been configured are listed by using the command show filter:
Under WEBconfig, you invoke the filter list under . It is structured as follows:
The individual fields in the filter list have the following meaning:
| Entry | Description |
|---|---|
| Idx. | Sequential index |
| Prot. | Protocol to be filtered, e.g. 6 for TCP or 17 for UDP |
| Source | This column displays either the MAC address or the network as an address with the prefix length. |
| Q start | Start source port of the packets to be filtered. |
| Q end | End source port of the packets to be filtered. Together with the start source port, this defines a port range in which the filter takes effect. If start and end port are 0, the filter applies to all source ports. |
| Destination | This column displays either the MAC address, the network as an address with the prefix length, or the DNS destination. |
| Z start | Start destination port of the packets to be filtered. |
| Z end | End destination port of the packets to be filtered. Together with the start destination port, this defines a port range in which the filter takes effect. If start and end port are 0, the filter applies to all destination ports. |
| Action | This column displays the “main action” as text, i.e. the action that is executed when the first limit is exceeded. The first limit can also be an implicit limit. For example, when throughput is limited by a single value only, an implicit limit is added that is linked with an “accept” action. The main action in this case is “accept”. Actions can be viewed in full with the command show filter. |
| Linked | Indicates whether this rule is a first match rule (linked = no). Only in the case of linked rules will further rules be evaluated if this rule applies. |
| Prio | Priority of the rule that created the entry. |
| Src-Tag | Original routing tag |
| Rtg-Tag | Assigned routing tag after the filter was applied. |
