If the port number changes, the packet will be dropped.
In addition, CBAC can specifically inspect individual application-layer protocols to maintain the connection
information for each session. Application-layer protocol inspection takes precedence over the TCP or UDP
protocol inspection. The following application-layer protocols are supported and can be configured for CBAC
inspection:
CU-SeeMe
FTP
H.323 (such as NetMeeting)
HTTP (Java blocking)
ICMP
Microsoft NetShow
RealAudio
RTSP (Real-Time Streaming Protocol)
RPC (Sun RPC, not DCE RPC)
SMTP (Simple Mail Transport Protocol)
ESMTP (Extended Simple Mail Transport Protocol)
SQL*Net
StreamWorks
TFTP
UNIX R-commands (such as rlogin, rexec, and rsh)
VDOLive
Configuring CBAC
To configure CBAC, perform the following steps:
Step 1. Select an interface: internal or external.
Step 2. Configure an IP access list.
Step 3. Define an inspection rule.
Step 4. Configure global timeouts and thresholds (optional).
Step 5. Apply the access list and the inspection rule to an interface.
Step 6. Verify and monitor CBAC.
Step 1 - Select an Interface: Internal or External
CBAC can be configured on either an internal or an external interface of the firewall.