Page 61 / 130 Scroll up to view Page 56 - 60
Billion 810VGTX Router
Page | 60
Table 1: Predefined Port Filters Rules
The predefined port filter rules for High, Medium and Low security levels are listed below.
Application
Protocol
Port Number
Firewall - Low
Firewall - Medium
Firewall – High
Start
End
Inbound
Outbound
Inbound Outbound
Inbound Outbound
HTTP(80)
TCP(6)
80
80
NO
YES
NO
YES
NO
YES
DNS (53)
UDP(17)
53
53
NO
YES
NO
YES
NO
YES
DNS (53)
TCP(6)
53
53
NO
YES
NO
YES
NO
YES
FTP(21)
TCP(6)
21
21
NO
YES
NO
YES
NO
NO
Telnet(23)
TCP(6)
23
23
NO
YES
NO
YES
NO
NO
SMTP(25)
TCP(6)
25
25
NO
YES
NO
YES
NO
YES
POP3(110)
TCP(6)
110
110
NO
YES
NO
YES
NO
YES
NEWS(NNTP)
(Network News
Transfer
Protocol)
TCP(6)
119
119
NO
YES
NO
YES
NO
NO
RealAudio/
RealVideo
(7070)
UDP(17)
7070
7070
YES
YES
YES
YES
NO
NO
PING
ICMP(1)
N/A
N/A
NO
YES
NO
YES
NO
YES
H.323(1720)
TCP(6)
1720
1720
YES
YES
NO
YES
NO
NO
T.120(1503)
TCP(6)
1503
1503
YES
YES
NO
YES
NO
NO
SSH(22)
TCP(6)
22
22
NO
YES
NO
YES
NO
NO
NTP/SNTP
UDP(17)
123
123
NO
YES
NO
YES
NO
YES
HTTP/HTTP
Proxy (8080)
TCP(6)
443
443
NO
YES
NO
NO
NO
NO
HTTPS(443)
TCP(6)
443
443
NO
YES
NO
YES
N/A
N/A
ICQ (5190)
TCP(6)
5190
5190
YES
YES
N/A
N/A
N/A
N/A
MSN (1863)
TCP(6)
1863
1863
YES
YES
N/A
N/A
N/A
N/A
MSN (7001)
UDP(17)
7001
7001
YES
YES
N/A
N/A
N/A
N/A
MSN VEDIO
(9000)
TCP(6)
9000
9000
NO
YES
N/A
N/A
N/A
N/A
Page 62 / 130
Billion 810VGTX Router
Page | 61
Inbound:
Internet to LAN
Outbound:
LAN to Internet
YES:
Allowed
NO:
Blocked
N/A:
Not Applicable
Packet Filter – Add TCP/UDP Filter
Rule Name Helper:
User defined description for entry identification. You may also choose from the Select drop-down
menu for an existing predefined rule. The maximum name length is 32 characters.
Time Schedule:
A self defined time period. You may specify a time schedule for your prioritization policy. For setup and
detail, refer to Time Schedule section.
Source IP Address(es) / Destination IP Address(es):
This is the Address-Filter used to allow or block traffic to/from
particular IP address(es). Select the Subnet Mask of the IP address range you wish to allow/block the traffic to or from.
Set the IP address and Subnet Mask to 0.0.0.0 to de-activate the Address-Filter rule.
Tip: To block access, to/from a single IP address, enter that IP address as the Host IP Address and use a Host
Subnet Mask of “255.255.255.255”.
Type:
This is the packet protocol type used by the application, select TCP, UDP or both TCP/UDP.
Protocol Number:
Insert the port number.
Source Port:
This Port or Port Ranges defines the port allowed to be used by the Remote/WAN to connect to the
application. Default is set from range 0 ~ 65535. It is recommended that this option be configured by an advanced user.
Destination Port:
This is the Port or Port Ranges that defines the application.
Inbound / Outbound:
Select Allow or Block the access to the Internet (“Outbound”) or from the Internet (“Inbound”).
When all changes are made, click Add button to apply your changes.
Page 63 / 130
Billion 810VGTX Router
Page | 62
Packet Filter – Add Raw IP Filter
Go to “Type” drop-down menu, select “Use Protocol Number”.
Rule Name Helper
: User defined description for entry identification. You may also choose from the Select drop-down
menu for an existing predefined rule.
Time Schedule
: A self defined time period.
You may specify a time schedule for your prioritization policy. For setup and
detail, refer to Time Schedule section.
Source IP Address(es) / Destination IP Address(es)
: This is the Address-Filter used to allow or block traffic to/from
particular IP address(es). Select the Subnet Mask of the IP address range you wish to allow/block the traffic to or from;
set IP address and Subnet Mask to 0.0.0.0 to de-activate the Address-Filter rule.
Tip: To block access to/from a single IP address, enter that IP address as the Host IP Address and use a Host Subnet
Mask of “255.255.255.255”.
Type
: It is the packet protocol type used by the application, select TCP, UDP or both TCP/UDP.
Protocol Number
: Insert the port number, i.e. GRE 47.
Source Port
: This Port or Port Ranges defines the port allowed to be used by the Remote/WAN to connect to the
application. Default is set from range 0 ~ 65535. It is recommended that this option be configured by an advanced user.
Destination Port
: This is the Port or Port Ranges that defines the application.
Inbound / Outbound
: Select to Allow or Block access to the Internet (“Outbound”) or from the Internet (“Inbound”).
When all changes are made, click the Add button to apply your changes.
Example: Configuring your firewall to allow a publicly accessible web server on your LAN
The predefined port filter rule for HTTP (TCP port 80) is the same whether the firewall is set to a high, medium or
low security level. To setup a web server located on the local network when the firewall is enabled, you have to
configure the Port Filter settings for HTTP.
As you can see from the diagram below, when the firewall is enabled with one of the three preset (Low/Medium/High)
security levels, inbound HTTP access is not allowed which means remote access through HTTP to your router is not
allowed.
Page 64 / 130
Billion 810VGTX Router
Page | 63
Note: Inbound indicates accessing from the Internet to the LAN and Outbound is from the LAN to the Internet.
Configuring Packet Filter:
1.
Click Packet Filters. You will then be presented with the predefined port filter rules screen (in this case for the
low security level), shown below:
Note: You may choose to Edit the predefined rule instead of Deleting0 it. This is an example to show you how to
add a filter on your own.
2.
If you want to delete a filter rule, select the delete radio button of the HTTP rule you want to delete. Then click
the Edit/Delete button to delete the rule.
Page 65 / 130
Billion 810VGTX Router
Page | 64
3.
To add a new rule, Input the Rule Name, Time Schedule, Source/Destination IP, Type, Source/Destination Port,
Inbound and Outbound. Then click the Add button.
Example:
Application: Cindy_HTTP
Time Schedule: Always On
Source / Destination IP Address (es): 0.0.0.0 (I do not wish to activate the address-filter, using the port-filter instead)
Type: TCP (Please refer to Table1: Predefined Port Filter)
Source Port: 0-65535 (I am allowing all ports to connect to the application)
Redirect Port: 80-80 (This is the Port defined for HTTP)
Inbound / Outbound: Allow

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top