Page 31 / 81
Scroll up to view Page 26 - 30
26
(1.2.3.10-1.2.3.20) They can do everything (block nothing)
Others are all blocked.
Example 2:
(1.2.3.100-1.2.3.119) They can do everything except read net news (port 119) and transfer files via FTP (port 21)
Others are all allowed.
After
Inbound Packet Filter
setting is configured, click the
save
button.
Outbound Filter:
To enable
Outbound Packet Filter
click the check box next to
Enable
in the
Outbound Packet Filter
field.
Page 32 / 81
27
Example 1:
(192.168.1.100-192.168.1.149) They are allowed to send mail (port 25), receive mail (port 110), and browse Internet
(port 80); port 53 (DNS) is necessary to resolve the domain name.
(192.168.1.10-192.168.1.20) They can do everything (block nothing)
Others are all blocked.
Page 33 / 81
28
Example 2:
(192.168.1.100-192.168.1.119) They can do everything except read net news (port 119) and transfer files via FTP
(port 21)
Others are allowed
After
Outbound Packet Filter
setting is configured, click the
save
button.
Page 34 / 81
29
4.4.4 Domain Filtering
Domain Filter
Let you prevent users under this device from accessing specific URLs.
Domain Filter Enable
Check if you want to enable Domain Filter.
Log DNS Query
Check if you want to log the action when someone accesses the specific URLs.
Privilege IP Addresses Range
Setting a group of hosts and privilege these hosts to access network without restriction.
Domain Suffix
A suffix of URL to be restricted. For example, ".com", "xxx.com".
Action
When someone is accessing the URL met the domain-suffix, what kind of action you want.
Check drop to block the access. Check log to log these access.
Enable
Check to enable each rule.
Page 35 / 81
30
Example:
In this example:
1.
URL include
“
www.msn.com
”
will be blocked, and the action will be record in log-file.
2.
URL include
“
www.sina.com
”
will not be blocked, but the action will be record in log-file.
3.
URL include
“
www.google.com
”
will be blocked, but the action will not be record in log-file.
4.
IP address X.X.X.1~ X.X.X.20 can access network without restriction.