Configuring Security Settings
© 2010 Verizon. All Rights Reserved.

6.9 Advanced Filtering
Advanced filtering is designed to allow comprehensive control over the firewall’s
behavior. Specific input and output rules can be defined, the order of logically
similar sets of rules controlled, and distinctions made between rules that apply
to the Internet and rules that apply to local network devices.
To access, select Advanced Filtering from any Security screen. The “Advanced Filtering” screen appears.
Two sets of rules can be configured: input rules and output rules. Following is a
description of the set ordering for inbound and outbound packets.
FiOS Router User Manual
6.9a Inbound/Outbound Packets - Rule Sets
There are numerous rules automatically inserted by the firewall to provide
improved security and block harmful attacks. The pre-populated rules displayed
are required for operation on the Verizon network.
To configure advanced filtering rules, click Add next to the rule title. The “Add Advanced Filter” screen appears.
To add an advanced filtering rule, define the following rule parameters:
6.9c Matching
To apply a firewall rule, a match must be made between IP addresses or ranges
and ports. Use the “Source Address” and “Destination Address” drop-down lists
to define the coupling of source and destination traffic. Port matching will be
defined when selecting protocols. For example, if the FTP protocol is selected,
port 21 will be checked for matching traffic flow between the defined source
and destination IPs.
6.9d Operation
This is where the action the rule will take is defined. Select one of the following
radio buttons:
Drop - Deny access to packets that match the source and destination IP addresses, and send a TCP reset to the originating peer.
Accept - Allow access to packets that match the source and destination IP addresses and protocol ports defined in the upper section of the screen. The data transfer session will be handled using Stateful Packet Inspection (SPI).
Accept Packet - Allow access to packets that match the source and destination IP addresses and protocol ports defined in the upper section of the screen. The data transfer session will not be handled using Stateful Packet Inspection (SPI), so other packets that match this rule will not be automatically allowed access. This setting is useful when creating rules that allow broadcasting.
6.9e Logging
Click in this check box to add entries relating to this rule to the security log.
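As an added example (not the manual's or Verizon's code), the following Python model shows how the Matching, Operation and Logging settings above interact: rules are walked in order and the first match decides, Accept records SPI state so the reply flow is admitted without a rule, Accept Packet admits only the single packet, and each decision can produce a security-log entry of the Advanced Filter Rule or Default policy event type. The port table, the addresses and the log record layout are constructed assumptions.

```python
# Constructed model of the Advanced Filtering semantics described above (match on
# address and protocol port, then Drop / Accept / Accept Packet); not the router's code.
from dataclasses import dataclass
PROTO_PORTS = {"FTP": 21, "HTTP": 80}   # assumed table: protocol selection implies the port

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int

@dataclass
class Rule:
    src: str           # source address or "Any"
    dst: str           # destination address or "Any"
    proto: str         # key into PROTO_PORTS
    action: str        # "Drop", "Accept" or "Accept Packet"
    log: bool = False  # the Logging check box

class Firewall:
    def __init__(self, rules, default="Drop"):
        self.rules = rules
        self.default = default
        self.sessions = set()  # SPI state: flows admitted by "Accept" (not "Accept Packet")
        self.log = []          # security-log style entries (Event / Event-Type / Details)

    def _log(self, event_type, verdict, pkt):
        self.log.append({"event": "Firewall Info", "event_type": event_type,
                         "details": f"{verdict} {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport}"})

    def filter(self, pkt):
        # Reply traffic belonging to a stateful session is allowed without a rule lookup.
        if (pkt.dst, pkt.src, pkt.dport, pkt.sport) in self.sessions:
            return "accepted"
        for rule in self.rules:  # first matching rule decides
            if (rule.src in ("Any", pkt.src) and rule.dst in ("Any", pkt.dst)
                    and pkt.dport == PROTO_PORTS[rule.proto]):
                if rule.action == "Drop":
                    verdict = "blocked"  # the router would also send a TCP reset
                else:
                    verdict = "accepted"
                    if rule.action == "Accept":  # "Accept Packet" keeps no SPI state
                        self.sessions.add((pkt.src, pkt.dst, pkt.sport, pkt.dport))
                if rule.log:
                    self._log("Advanced Filter Rule", verdict, pkt)
                return verdict
        verdict = "accepted" if self.default == "Accept" else "blocked"
        self._log("Default policy", verdict, pkt)
        return verdict
```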
6.9f Scheduler (When should this rule occur?)
If advanced filtering needs to be active constantly, select Always from the “When should this rule occur?” drop-down list. If the rule will only be active at certain times, select User Defined and click Add. Then, add a schedule rule (for more details about schedule rules, see the “Advanced Settings” chapter of this manual).
6.10 Security Log
The security log displays a list of firewall-related events, including attempts
to establish inbound and outbound connections, attempts to authenticate at
an administrative interface (the FiOS Router’s GUI or Telnet terminal), firewall
configuration, and system start-up.
To access the security log, select Security Log from any Security screen. The “Security Log” screen appears.
6.10a Time
The time (based on the FiOS Router’s date and time settings) the event occurred.
6.10b Event
There are three kinds of events listed in the system log: Firewall Info, Firewall Setup, and System Log.
6.10c Event-Type
The “Details” column displays more information about the packet or the event,
such as protocol, IP addresses, ports, etc. The following are the available event
types that can be recorded in the security log:
802.1Q - an 802.1Q (VLAN) packet has been accepted.
Access control - a packet has been accepted/blocked because of an access control rule.
Advanced Filter Rule - a packet has been accepted/blocked because of an advanced filter rule.
ARP - an ARP packet has been accepted.
AUTH:113 request - an outbound packet for the AUTH protocol has been accepted (for maximum security level).
Broadcast/Multicast protection - a packet with a broadcast/multicast source IP has been blocked.
Connection closed - debug message regarding a connection.
Connection opened - debug message regarding a connection.
Default policy - a packet has been accepted/blocked according to the default policy.
Defragmentation failed - the fragment has been stored in memory and blocked until all fragments have arrived and defragmentation can be performed.
DHCP relay agent - a DHCP relay packet has been received (depends on the distribution).
DHCP request - the FiOS Router sent a DHCP request (depends on the distribution).
DHCP response - the FiOS Router received a DHCP response (depends on the distribution).
DMZ network packet - a packet from a demilitarized zone network has been blocked.
Echo/Chargen/Quote/Snork protection - a packet has been blocked due to Echo/Chargen/Quote/Snork protection.
Error: No memory - a new connection has not been established because of lack of memory.
Firewall internal - from the firewall's internal mechanism; when this event-type is recorded, an accompanying explanation will be added.