Reference Manual for the Model DG824M Wireless ADSL Modem Gateway

Protecting Your Network

4-11

The parameters are:

•

Service

From this list, select the application or service to be allowed or blocked. The list already

displays many common services, but you are not limited to these choices. Use the Add

Services menu to add any additional services or applications that do not already appear.

•

Action

Choose how you would like this type of traffic to be handled. You can block or allow

always, or you can choose to block or allow according to the schedule you have defined in

the Schedule menu.

•

LAN Users

These settings determine which packets are covered by the rule, based on their

source LAN IP address. Select the desired option:

•

Any All IP addresses are covered by this rule.

•

Address range If this option is selected, you must enter the "Start" and "Finish" fields.

•

Single address Enter the required address in the "Start" fields.

•

WAN Users

These settings determine which packets are covered by the rule, based on their

destination WAN IP address. Select the desired option:

•

Any All IP addresses are covered by this rule.

•

Address range If this option is selected, you must enter the "Start" and "Finish" fields.

•

Single address Enter the required address in the "Start" fields.

•

Log

You can select whether the traffic will be logged. The choices are:

•

Never - no log entries will be made for this service.

•

Always - any traffic for this service type will be logged.

•

Match - traffic of this type which matches the parameters and action will be logged.

•

Not match - traffic of this type which does not match the parameters and action will be

logged.

Reference Manual for the Model DG824M Wireless ADSL Modem Gateway

4-12

Protecting Your Network

Order of Precedence for Rules

As you define new rules, they are added to the tables in the Rules menu, as shown in

Figure 4-8

:

Figure 4-8: Rules table with examples

For any traffic attempting to pass through the firewall, the packet information is subjected to the

rules in the order shown in the Rules Table, beginning at the top and proceeding to the default rules

at the bottom. In some cases, the order of precedence of two or more rules may be important in

determining the disposition of a packet. The Move button allows you to relocate a defined rule to a

new position in the table.

Reference Manual for the Model DG824M Wireless ADSL Modem Gateway

Protecting Your Network

4-13

Services

Services are functions performed by server computers at the request of client computers. For

example, Web servers serve web pages, time servers serve time and date information, and game

hosts serve data about other players’ moves. When a computer on the Internet sends a request for

service to a server computer, the requested service is identified by a service or port number. This

number appears as the destination port number in the transmitted IP packets. For example, a packet

that is sent with destination port number 80 is an HTTP (Web server) request.

The service numbers for many common protocols are defined by the Internet Engineering Task

Force (IETF) and published in RFC1700, “Assigned Numbers.” Service numbers for other

applications are typically chosen from the range 1024 to 65535 by the authors of the application.

Although the DG824M already holds a list of many service port numbers, you are not limited to

these choices. Use the procedure below to create your own service definitions.

Procedure 4-3:

Define Services

1.

Log in to the gateway at its default LAN address of http://192.168.0.1 with its default User

Name of

admin

, default password of

password

, or using whatever Password and LAN

address you have chosen for the gateway.

2.

Click on the Services link of the Security menu to display the Services menu shown in

Figure 4-9

:

Figure 4-9: Services menu

•

To create a new Service, click the Add button.

•

To edit an existing Service, select its button on the left side of the table and click Edit.

Reference Manual for the Model DG824M Wireless ADSL Modem Gateway

4-14

Protecting Your Network

•

To delete an existing Service, select its button on the left side of the table and click Delete.

3.

Modify the menu shown below for defining or editing a service.

Figure 4-10: Add Services menu

4.

Click Apply to save your changes.

Setting Times and Scheduling Firewall Services

The DG824M gateway uses the Network Time Protocol (NTP) to obtain the current time and date

from one of several Network Time Servers on the Internet. In order to localize the time for your

log entries, you must select your Time Zone from the list.

Procedure 4-4:

Setting Your Time Zone

In order to localize the time for your log entries, you must specify your Time Zone:

1.

Log in to the gateway at its default LAN address of http://192.168.0.1 with its default User

Name of

admin

, default password of

password

, or using whatever Password and LAN

address you have chosen for the gateway.

Reference Manual for the Model DG824M Wireless ADSL Modem Gateway

Protecting Your Network

4-15

2.

Click on the Schedule link of the Security menu to display menu shown below.

Figure 4-11: Schedule Services menu

3.

Select your Time Zone. This setting will be used for the blocking schedule according to your

local time zone and for time-stamping log entries.

Check the Daylight Savings Time box if your time zone is currently in daylight savings time.

Note:

If your region uses Daylight Savings Time, you must manually check Adjust for

Daylight Savings Time on the first day of Daylight Savings Time, and uncheck it at the end.

Enabling Daylight Savings Time will cause one hour to be added to the standard time.

4.

The gateway has a list of publicly available NTP servers. If you would prefer to use a

particular NTP server as the primary server, enter its IP address under Use this NTP Server.

5.

Click Apply to save your settings.