Packet rules terminology
Here are useful terms related to packet rules.
- border address
- A border address is a public address that acts as a boundary between a trusted and an untrusted network. It describes the IP address as an actual interface on the system. The system needs to know the type of address you are defining. For example, your personal computer's IP address is trusted, but your system's public IP address is a border address.
- firewall
- A logical barrier around systems in a network. A firewall consists of hardware, software, and a security policy that controls the access and flow of information between secure (trusted) systems and nonsecure (untrusted) systems.
- maxcon
- Maxcon is a parameter that is part of a masquerade network address translation (NAT) filter rule. It is the number of conversations that can be active at one time. You are required to define this number when you set up NAT masquerade rules. The default value is 128. Maxcon only pertains to masquerade NAT rules.
- NAT conversation
- A NAT conversation is a relationship between any of the following IP addresses and port numbers:
  - Private source IP address and source port number (without NAT).
  - Public (NAT) source IP address and public (NAT) source port number.
  - Destination IP address and port number (an external network).
- PPP filter identifier
- A PPP filter identifier allows you to apply filter rules to an interface that has been defined in a point-to-point profile. The PPP filter identifier also links the filter rules to groups of users in a point-to-point profile. Because the point-to-point profile is associated with a specific IP address, the filter identifier implicitly defines the interface to which the rules apply.
- timeout
- Timeout controls the amount of time a conversation is allowed to last. If you set the timeout too short, the conversation is stopped too quickly. The default value is 16.