<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="IP packet header" />
<meta name="abstract" content="You can create filter rules to refer to various portions of IP, TCP, UDP, and ICMP headers." />
<meta name="description" content="You can create filter rules to refer to various portions of IP, TCP, UDP, and ICMP headers." />
<meta name="DC.Relation" scheme="URI" content="rzajbrzajb1afilter.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajbrzajb4bhidenat.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzajb1b-header" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>IP packet header</title>
</head>
<body id="rzajb1b-header"><a name="rzajb1b-header"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">IP packet header</h1>
<div><p>You can create filter rules to refer to various portions of IP,
TCP, UDP, and ICMP headers.</p>
<p>The following list includes the fields that make up the IP packet header
and that you can refer to in a filter rule: </p>
<ul><li>Source IP address</li>
<li>Protocol (for example, TCP, UDP)</li>
<li>Destination IP address</li>
<li>Source port</li>
<li>Destination port</li>
<li>IP datagram direction (inbound, outbound, or both)</li>
<li>TCP SYN bit</li>
</ul>
<p>For example, you can create and activate a rule that filters a packet based
on the destination IP address, source IP address, and direction (inbound).
In this case, the system matches all incoming packets (according to their
origin and destination addresses) with corresponding rules. Then the system
takes the action that you specified in the rule. The system discards any packets
that are <em>not</em> permitted in your filter rules. This is called the default
deny rule.</p>
<div class="note"><span class="notetitle">Note:</span> The system applies the default deny rule to packets only if the physical
interface has at least one active rule. This rule can be customer-defined
or generated by iSeries™ Navigator.
Regardless of whether the filter rule permits inbound traffic or outbound
traffic, the system implements the default deny rule in both directions. If
no filter rule is active on the physical interface, the default deny rule
is not applied.</div>
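<p>The following Python model is an added example, not IBM code or packet rule syntax. It evaluates the fields listed above against the active rules of one physical interface and applies the default deny rule as the note describes. The class and function names, the sample addresses, and the assumption that the first matching rule decides are all constructed for illustration.</p>

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Sequence


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    protocol: str
    src_port: int
    dst_port: int
    direction: str            # "inbound" or "outbound"
    syn: bool = False         # TCP SYN bit


@dataclass(frozen=True)
class Rule:
    action: str               # "permit" or "deny"
    direction: str            # "inbound", "outbound" or "both"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    protocol: Optional[str] = None   # None means "any"
    src_port: Optional[int] = None
    dst_port: Optional[int] = None
    syn: Optional[bool] = None

    def matches(self, p: Packet) -> bool:
        return (self.direction in ("both", p.direction)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.protocol in (None, p.protocol)
                and self.src_port in (None, p.src_port)
                and self.dst_port in (None, p.dst_port)
                and self.syn in (None, p.syn))


def evaluate(active_rules: Sequence[Rule], p: Packet) -> str:
    if not active_rules:      # no active rule on the interface:
        return "permit"       # the default deny rule is not applied
    for rule in active_rules: # assumption: first matching rule decides
        if rule.matches(p):
            return rule.action
    return "deny"             # default deny, whatever the direction


# Constructed sample: one inbound-only rule for a web server at 192.0.2.10.
WEB_IN = Rule("permit", "inbound", src="198.51.100.0/24", dst="192.0.2.10/32",
              protocol="TCP", dst_port=80)
REQUEST = Packet("198.51.100.7", "192.0.2.10", "TCP", 40000, 80, "inbound", syn=True)
REPLY = Packet("192.0.2.10", "198.51.100.7", "TCP", 80, 40000, "outbound")
```

<p>With only WEB_IN active, evaluate([WEB_IN], REPLY) returns "deny": activating a single inbound rule also blocks the server's outbound replies until a matching outbound permit rule is added.</p>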
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajbrzajb1afilter.htm" title="Though not a fully functional firewall in itself, packet rules provide a solid component that can filter packets for your iSeries server.">IP filtering</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzajbrzajb4bhidenat.htm" title="Masquerade (hide) network address translation (NAT) allows you to keep the outside world (outside the iSeries server) from knowing the actual address of a personal computer. NAT routes traffic from your personal computer to your iSeries server, which essentially makes the iSeries server the gateway for your personal computer.">Masquerade (hide) NAT</a></div>
</div>
</div>
</body>
</html>