LTE TDD B2268H
User Guide
10 Firewall
Issue 01 (2014-01-15)
Copyright © Huawei Technologies Co., Ltd.
79
Figure 10-3 Security > Firewall > Services

Each field is described in the following table.

Table 10-2 Security > Firewall > Services

| LABEL | DESCRIPTION |
|---|---|
| Add New Service Entry | Click this to define a new service. |
| Name | This is the name of a configured service. |
| Type | This is the protocol type (TCP, UDP, ICMP or Others) of the service. |
| Port Number | This displays a range of port numbers that defines the service. |
| Modify | Click the Edit icon to edit the service. Click the Delete icon to delete the service. Note that subsequent rules move up by one when you take this action. Deleting a service rule also deletes the related ACL rules which are configured in the Security > Firewall > Access Control screen. |

10.3.1 The Add New Services Entry Screen
Use this screen to configure a service that you want to use in an ACL rule in the Security > Firewall > Access Control > Add New ACL Rule/Edit screen. To access this screen, click Security > Firewall > Services and then the Add New Service Entry button.

Figure 10-4 Security > Firewall > Services > Add New Service Entry
Each field is described in the following table.

Table 10-3 Security > Firewall > Services > Add New Service Entry

| LABEL | DESCRIPTION |
|---|---|
| Name | Type a descriptive name for the service. |
| Type | Select the protocol type (TCP, UDP, ICMP or Others) of the service. |
| Protocol Number | Enter the protocol number of the service type. |
| Source Port, Destination Port | The source port defines from which port number(s) the service traffic is sent. The destination port defines the port number(s) the destination hosts use to receive the service traffic. Select Single if the service uses one and only one source or destination port, then enter the port number. Select Multiple if the service uses two or more source or destination ports, then enter a port range. For example, suppose you want to define the Gnutella service. Select TCP type and enter a port range of 6345-6349. |
| Apply | Click Apply to save your changes. |
| Back | Click Back to exit this screen without saving your changes. |

10.4 The Access Control Screen
Click Security > Firewall > Access Control to display the following screen. This screen displays a list of the configured incoming or outgoing filtering rules.

Figure 10-5 Security > Firewall > Access Control

Each field is described in the following table.

Table 10-4 Security > Firewall > Access Control

| LABEL | DESCRIPTION |
|---|---|
| Rules Storage Space usage(%) | This bar shows the percentage of the LTE Device's space that has been used. If the usage is almost full, you may need to remove an existing filter rule before you create a new one. |
| Add new ACL rule | Click this to add a filter rule for incoming or outgoing IP traffic. |
| Name | This displays the name of the rule. |
| Src IP | This displays the source IP addresses to which this rule applies. Please note that a blank source address is equivalent to Any. |
| Dst IP | This displays the destination IP addresses to which this rule applies. Please note that a blank destination address is equivalent to Any. |
| Services | This displays the protocol type and a port range that define the service to which this rule applies. |
| Policy | This field displays whether the rule silently discards packets (DROP), discards packets and sends a TCP reset packet or an ICMP destination-unreachable message to the sender (REJECT) or allows the passage of packets (PERMIT). |
| Modify | Click the Edit icon to edit the rule. Click the Delete icon to delete an existing rule. Note that subsequent rules move up by one when you take this action. |

10.4.1 The Add New ACL Rule/Edit Screen
Click Add New ACL Rule or the Edit icon next to an existing ACL rule in the Access Control screen. The following screen displays.

Figure 11-6 Security > Firewall > Access Control > Add New ACL Rule/Edit

Each field is described in the following table.

Table 10-5 Security > Firewall > Access Control > Add New ACL Rule/Edit

| LABEL | DESCRIPTION |
|---|---|
| Filter Name | Enter a descriptive name of up to 16 alphanumeric characters, not including spaces, underscores, and dashes. You must enter the filter name to add an ACL rule. This field is read-only if you are editing the ACL rule. |
| Source Address Type | Select Single or Range depending on whether you want to enter a single or a range of source IP address(es) to which the ACL rule applies. Select Any to indicate any source IP address. |
| Source IP Address Start | Enter an IP address or the starting IP address of the source IP range. |
| Source IP Address End | Enter the ending IP address of the source IP range. |
| Destination Address Type | Select Single or Range depending on whether you want to enter a single or a range of destination IP address(es) to which the ACL rule applies. Select Any to indicate any destination IP address. |
| Destination IP Address Start | Enter an IP address or the starting IP address of the destination IP range. |
| Destination IP Address End | Enter the ending IP address of the destination IP range. |
| Select Protocol | Select the name of a configured service or Select Service to define a new service in this screen. |
| Protocol | This field is available when you Select Service in Select Protocol. Choose the protocol type (TCP, UDP, ICMP or Others) of the service. |
| Protocol Number | This field is available when you select Others in Protocol. Enter the protocol number of the service type to which this ACL rule applies. |
| Source Port | This field is displayed only when you Select Service in Select Protocol and TCP or UDP in Protocol. Select Single or Range and then enter a single port number or the range of port numbers of the source. Select Any to indicate any source port. |
| Destination Port | This field is displayed only when you Select Service in Select Protocol and TCP or UDP in Protocol. Select Single or Range and then enter a single port number or the range of port numbers of the destination. Select Any to indicate any destination port. |
| Policy | Use the drop-down list box to select whether to silently discard (DROP), deny and send an ICMP destination-unreachable message to the sender of (REJECT) or allow the passage of (PERMIT) packets that match this rule. |
| Direction | Use the drop-down list box to select the direction of traffic to which this rule applies. The possible options are LAN to DEVICE, LAN to WAN, WAN to LAN, and WAN to DEVICE. |
| Apply | Click Apply to save your changes. |
| Back | Click Back to exit this screen without saving your changes. |

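
A planned rule set can be checked against the field constraints in Table 10-5 before it is typed into the screen. The following is an added example, not code from the guide or the device: `AclRule` and `check_rule` are hypothetical names, IPv4-only addressing and the 1-65535 port bounds are assumptions, and the flag on a PERMIT rule from the WAN with source Any is a review heuristic added here, not device behaviour.

```python
import ipaddress
import re
from dataclasses import dataclass

DIRECTIONS = {"LAN to DEVICE", "LAN to WAN", "WAN to LAN", "WAN to DEVICE"}
POLICIES = {"DROP", "REJECT", "PERMIT"}
NAME_RE = re.compile(r"[A-Za-z0-9]{1,16}")  # no spaces, underscores or dashes

@dataclass
class AclRule:  # hypothetical record mirroring the Table 10-5 fields
    name: str
    direction: str
    policy: str
    protocol: str = "TCP"   # TCP, UDP, ICMP or Others
    src: tuple = ()         # () = Any, (ip,) = Single, (start, end) = Range
    dst: tuple = ()
    dst_ports: tuple = ()   # () = Any, (port,) = Single, (low, high) = Range

def check_rule(rule):
    """Return the problems found in one planned ACL rule (empty list = clean)."""
    problems = []
    if not NAME_RE.fullmatch(rule.name):
        problems.append("filter name must be 1-16 alphanumeric characters")
    if rule.direction not in DIRECTIONS or rule.policy not in POLICIES:
        problems.append("unknown direction or policy")
    for label, addrs in (("source", rule.src), ("destination", rule.dst)):
        try:  # assumption: IPv4 addressing only
            ips = [ipaddress.IPv4Address(a) for a in addrs]
            if len(ips) == 2 and ips[0] > ips[1]:
                problems.append(f"{label} range start is above its end")
        except ValueError:
            problems.append(f"{label} address is not a valid IPv4 address")
    ports = rule.dst_ports
    if ports and rule.protocol not in ("TCP", "UDP"):
        problems.append("ports apply only to TCP or UDP")
    if any(not 1 <= p <= 65535 for p in ports) or list(ports) != sorted(ports):
        problems.append("destination port or range is invalid")
    # Added review heuristic, not device behaviour: inbound PERMIT from Any.
    if rule.policy == "PERMIT" and rule.direction.startswith("WAN") and not rule.src:
        problems.append("PERMIT from WAN with source Any: confirm it is intended")
    return problems

SAMPLE = [  # constructed sample rules: the guide's Gnutella range, and one to review
    AclRule("BlockGnutella", "LAN to WAN", "DROP", dst_ports=(6345, 6349)),
    AclRule("web_admin", "WAN to DEVICE", "PERMIT", dst_ports=(80,)),
]
if __name__ == "__main__":
    for r in SAMPLE:
        print(r.name, check_rule(r) or "ok")
```
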
10.5 The DoS Screen
Click Security > Firewall > DoS to display the following screen. Use this screen to enable or disable Denial of Service (DoS) protection.

Figure 10-6 Security > Firewall > DoS

Each field is described in the following table.

Table 10-6 Security > Firewall > DoS

| LABEL | DESCRIPTION |
|---|---|
| DoS Protection Blocking | DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection requests, using so much bandwidth and so many resources that Internet access becomes unavailable. Select Enable to enable protection against DoS attacks or Disable to disable it. |
| Apply | Click Apply to save the DoS Protection settings. |
| Cancel | Click Cancel to restore your previously saved settings. |

10.6 Firewall Technical Reference
This section provides some technical background information about the topics covered in this
chapter.
10.6.1 Guidelines For Enhancing Security With Your Firewall
Step 1 Change the default password via web configurator.
Step 2 Think about access control before you connect to the network in any way.
