VoIP/(802.11g) ADSL2+ Router

Chapter 4: Configuration

Example:

Predefined Port Filters Rules

The predefined port filter rules for High, Medium and Low security levels are listed. See Table 1.

(

Note

:

Firewall – All Blocked/User-defined

, you must define and create the port filter rules

yourself.

No predefined rule is set)

Table 1: Predefined Port Filter

Firewall - Medium

Protocol

Inbound Outbound

TCP(6)

NO

YES

UDP(17)

NO

YES

TCP(6)

NO

YES

TCP(6)

NO

YES

TCP(6)

NO

YES

TCP(6)

NO

YES

TCP(6)

NO

YES

TCP(6)

NO

YES

UDP(17)

YES

YES

ICMP(1)

NO

YES

TCP(6)

NO

YES

TCP(6)

NO

YES

TCP(6)

NO

YES

UDP(17)

NO

YES

TCP(6)

NO

YES

TCP(6)

NO

NO

Inbound:

Internet to LAN

Outbound:

LAN to Internet.

60

VoIP/(802.11g) ADSL2+ Router

Chapter 4: Configuration

Packet Filter – Add TCP/UDP Filter

Rule Name:

Users-define description to identify this entry or click

to select existing

predefined rules.

Time Schedule:

It is self-defined time period.

You may specify a time schedule for your

prioritization policy. For setup and detail, refer to

Time Schedule

section

Source IP Address(es) / Destination IP Address(es):

This is the Address-Filter used to allow or

block traffic to/from particular IP address(es).

Selecting the

Subnet Mask

of the IP address range

you wish to allow/block the traffic to or form; set IP address and Subnet Mask to

0.0.0.0

to inactive

the Address-Filter rule.

Tip:

To block access,. to/from a single IP address, enter that IP address as the

Host IP Address

and use a

Host Subnet Mask

of “255.255.255.255”.

Type:

It is the packet protocol type used by the application, select either

TCP

or

UDP

.

Source Port:

This Port or Port Ranges defines the port allowed to be used by the Remote/WAN to

connect to the application.

Default is set from range

0 ~ 65535.

It is recommended that this option

be configured by an advanced user.

Destination Port:

This is the Port or Port Ranges that defines the application.

Inbound / Outbound:

Select

Allow

or

Block

the access to the Internet (

“Outbound”

) or from the

Internet (

“Inbound”

).

Click

Apply

button to apply your changes.

61

VoIP/(802.11g) ADSL2+ Router

Chapter 4: Configuration

Packet Filter – Add Raw IP Filter

Rule Name:

Users-define description to identify this entry or click

to select existing

predefined rules.

Time Schedule:

It is self-defined time period.

You may specify a time schedule for your

prioritization policy. For setup and detail, refer to

Time Schedule

section

Protocol Number:

Insert the port number, i.e. GRE 47.

Inbound / Outbound:

Select

Allow

or

Block

the access to the Internet (

“Outbound”

) or from the

Internet (

“Inbound”

).

Click

Apply

button to apply your changes.

62

VoIP/(802.11g) ADSL2+ Router

Chapter 4: Configuration

Example: Configuring your firewall to allow for a publicly accessible web server on your LAN

The predefined port filter rule for HTTP (TCP port 80) is the same no matter whether the firewall is set to

a high, medium or low security level. To setup a web server located on the local network when the

firewall is enabled, you have to configure the Port Filters setting for HTTP.

As you can see from the diagram below, when the firewall is enabled with one of the three presets

(Low/Medium/High), inbound HTTP access is not allowed which means remote access through HTTP to

your router is not allowed.

(Note: Inbound indicates accessing from Internet to LAN and Outbound is from LAN to the Internet)

63

VoIP/(802.11g) ADSL2+ Router

Chapter 4: Configuration

Configuring Packet Filter:

1.

Click

Port Filters

. You will then be presented with the predefined port filter rules screen (in this

case for the low security level), shown below:

Note

: You may click

Edit

the predefined rule instead of

Delete

it.

This is an example to show to

how you add a filter on your own.

Click Delete

2.

Click

Delete

to delete the existing HTTP rule.

3.

Click

Add TCP/UDP Filter

.

Click Add TCP/UDP Filter

4.

Input the Rule Name, Time Schedule, Source/Destination IP, Type, Source/Destination Port,

Inbound and Outbound.

Example:

Application:

Cindy_HTTP

Time Schedule:

Always On

Source / Destination IP Address(es):

0.0.0.0

(I do not wish to active the address-filter, instead I

use the port-filter)

Type:

TCP (Please refer to Table1: Predefined Port Filter)

Source Port:

0-65535

(I allow all ports to connect with the application))

Redirect Port:

80-80

(This is Port defined for HTTP)

Inbound / Outbound:

Allow

64