Chapter 4. Content Filtering Settings
N300 Wireless ADSL2+ Modem Router DGN2200
Examples of Log Messages
Following are examples of log messages. In all cases, the log entry shows the time stamp as
day, year-month-date hour:minute:second.
Activation and Administration
Tue, 2006-05-21 18:48:39 - NETGEAR activated
[This entry indicates a power-up or reboot with initial time entry.]
Tue, 2006-05-21 18:55:00 - Administrator login successful-IP:192.168.0.2
Thu, 2006-05-21 18:56:58 - Administrator logout - IP:192.168.0.2
[This entry shows an administrator logging in and out from IP address 192.168.0.2.]
Tue, 2006-05-21 19:00:06 - Login screen timed out - IP:192.168.0.2
[This entry shows a time-out of the administrator login.]
Wed, 2006-05-22 22:00:19 - Log emailed
[This entry shows when the log was emailed.]
Dropped Packets
Wed, 2006-05-22 07:15:15 - TCP packet dropped - Source:64.12.47.28,4787,WAN - Destination:134.177.0.11,21,LAN - [Inbound Default rule match]
Sun, 2006-05-22 12:50:33 - UDP packet dropped - Source:64.12.47.28,10714,WAN - Destination:134.177.0.11,6970,LAN - [Inbound Default rule match]
Sun, 2006-05-22 21:02:53 - ICMP packet dropped - Source:64.12.47.28,0,WAN - Destination:134.177.0.11,0,LAN - [Inbound Default rule match]
[These entries show an inbound FTP (port 21) packet, a User Datagram Protocol (UDP)
packet (port 6970), and an Internet Control Message Protocol (ICMP) packet (port 0) being
dropped as a result of the default inbound rule, which states that all inbound packets are
denied.]
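The dropped-packet entries above can be parsed and summarized when reviewing an emailed log. The following is an added example, not part of the NETGEAR manual; it assumes one entry per line, and the function names and the last sample entry (from 203.0.113.5) are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# First four entries are the manual's own examples; the last one is constructed.
SAMPLE_LOG = """\
Tue, 2006-05-21 18:55:00 - Administrator login successful-IP:192.168.0.2
Wed, 2006-05-22 07:15:15 - TCP packet dropped - Source:64.12.47.28,4787,WAN - Destination:134.177.0.11,21,LAN - [Inbound Default rule match]
Sun, 2006-05-22 12:50:33 - UDP packet dropped - Source:64.12.47.28,10714,WAN - Destination:134.177.0.11,6970,LAN - [Inbound Default rule match]
Sun, 2006-05-22 21:02:53 - ICMP packet dropped - Source:64.12.47.28,0,WAN - Destination:134.177.0.11,0,LAN - [Inbound Default rule match]
Tue, 2006-05-23 03:10:02 - TCP packet dropped - Source:203.0.113.5,51515,WAN - Destination:134.177.0.11,21,LAN - [Inbound Default rule match]
"""

# The weekday prefix is skipped; the date and time carry the timestamp.
ENTRY = re.compile(
    r"^\w{3}, (?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) - "
    r"(?P<proto>TCP|UDP|ICMP) packet dropped - "
    r"Source:(?P<src>[\d.]+),(?P<sport>\d+),(?P<sif>\w+) - "
    r"Destination:(?P<dst>[\d.]+),(?P<dport>\d+),(?P<dif>\w+) - "
    r"\[(?P<rule>[^\]]+)\]$"
)

def parse_dropped(log_text):
    """Return (drops, other): parsed dropped-packet entries and all other lines."""
    drops, other = [], []
    for line in (raw.strip() for raw in log_text.splitlines()):
        m = ENTRY.match(line)
        if not m:
            if line:
                other.append(line)  # kept, not silently discarded
            continue
        d = m.groupdict()
        d["ts"] = datetime.strptime(d["ts"], "%Y-%m-%d %H:%M:%S")
        d["sport"], d["dport"] = int(d["sport"]), int(d["dport"])
        drops.append(d)
    return drops, other

def summarize(drops):
    """Count drops per WAN source and per (protocol, destination port)."""
    by_source = Counter(d["src"] for d in drops if d["sif"] == "WAN")
    by_service = Counter((d["proto"], d["dport"]) for d in drops)
    return by_source, by_service

if __name__ == "__main__":
    drops, other = parse_dropped(SAMPLE_LOG)
    by_source, by_service = summarize(drops)
    print(by_source.most_common(), by_service.most_common(), len(other))
```

Repeated drops from one source across several destination ports, or many sources hitting one port, stand out in the two counters.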
Keyword Blocking of HTTP Traffic
Use keyword blocking to prevent certain types of HTTP traffic from accessing your network.
Blocking can be always on or applied according to a schedule.
1. Select Security > Block Sites.
2. Select one of the keyword blocking options:
   - Per Schedule. Turn on keyword blocking according to the Schedule screen settings.
   - Always. Turn on keyword blocking all the time, independent of the Schedule screen.
3. In the Keyword field, enter a keyword or domain, click Add Keyword, and click Apply.
The Keyword list supports up to 32 entries. Here are some sample entries:
- Specify .com if you want to allow only sites with domain suffixes such as .edu or .gov.
- Enter a period (.) to block all Internet browsing access.
Delete Keyword or Domain
1. Select the keyword or domain that you want to delete from the list.
2. Click Delete Keyword and click Apply to save your changes.
Specify Trusted Computer
You can exempt one trusted computer from blocking and logging. The computer you exempt
has to have a fixed IP address.
1. In the Trusted IP Address field, enter the IP address.
2. Click Apply to save your changes.
Firewall Rules to Control Network Access
Your modem router has a firewall that blocks unauthorized access to your wireless network
and permits authorized inbound and outbound communications. Authorized communications
are established according to inbound and outbound rules. The firewall has the following two
default rules. You can create custom rules to further restrict the outbound communications or
more widely open the inbound communications:
- Inbound. Block all access from outside except responses to requests from the LAN side.
- Outbound. Allow all access from the LAN side to the outside.
Configure Firewall Rules
The Firewall Rules screen lets you configure custom rules to make exceptions to the default
rules. Exceptions can be based on the service or application, source or destination IP
addresses, and time of day. You can log traffic that matches or does not match the rule and
change the order of rule precedence. See Set Up Services on page 48 for information about
services.
All traffic attempting to pass through the firewall is subjected to the rules in the order shown in
the Rules table from the top (highest precedence) to the default rules at the bottom. In some
cases, the order of precedence is important to determine which communications are allowed
into or out of the network.
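Why the order matters can be seen in a small model of the Rules table. The following is an added example, not NETGEAR code; it assumes the first matching rule decides the outcome, treats each service as a single port, ignores schedules, and uses constructed rule names and addresses.

```python
from ipaddress import ip_address

# Hypothetical rule model: (name, service port, WAN start, WAN end, action).
# A WAN start of None stands for the "Any" setting; a port of None for any service.
RULES = [
    ("allow HTTP any", 80, None, None, "ALLOW"),
    ("block HTTP range", 80, "203.0.113.0", "203.0.113.255", "BLOCK"),
]
DEFAULT_INBOUND = ("default inbound", None, None, None, "BLOCK")

def span(rule):
    """WAN source range of a rule as an integer (low, high) pair."""
    _, _, start, end, _ = rule
    if start is None:
        return 0, 2**32 - 1
    return int(ip_address(start)), int(ip_address(end))

def evaluate(rules, port, src):
    """Return (rule name, action) of the first rule that matches, top to bottom."""
    for rule in rules + [DEFAULT_INBOUND]:
        lo, hi = span(rule)
        if rule[1] in (None, port) and lo <= int(ip_address(src)) <= hi:
            return rule[0], rule[4]

def shadowed(rules):
    """List (rule, covering rule) pairs where an earlier rule matches everything
    the later rule would, so the later rule never takes effect."""
    out = []
    for j, later in enumerate(rules):
        lo, hi = span(later)
        for earlier in rules[:j]:
            elo, ehi = span(earlier)
            if earlier[1] in (None, later[1]) and elo <= lo and hi <= ehi:
                out.append((later[0], earlier[0]))
                break
    return out

if __name__ == "__main__":
    print(evaluate(RULES, 80, "203.0.113.7"), shadowed(RULES))
    print(evaluate(RULES[::-1], 80, "203.0.113.7"), shadowed(RULES[::-1]))
```

With the block rule below the allow rule it is never reached; moving it to the top makes it effective while other sources still reach the allow rule.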
To set up firewall rules:
1. Select Security > Firewall Rules to display the following screen:
2. To add an inbound or outbound rule:
   - For an outbound rule, click Add under Outbound Services.
   - For an inbound rule, click Add under Inbound Services.
3. To edit or delete a rule, select its button on the left side and click Edit or Delete.
4. To change the order of precedence:
   a. Select its button on the left side of the table and click Move.
   b. At the prompt, enter the number of the new position and click OK.
5. To open or close instant messaging, select one of the following radio buttons:
   - Close IM Ports. Disables instant messaging traffic.
   - Open IM Ports. Enables instant messaging traffic. IM ports are open by default.
6. Click Apply to save your settings.
Inbound Rules (Port Forwarding)
Because the modem router uses Network Address Translation (NAT), your network presents
only one IP address to the Internet, and outside users cannot directly address any of your
local computers. However, by defining an inbound rule you can make a local server (for
example, a Web server or game server) visible and available to the Internet.
The rule tells the modem router to direct inbound traffic for a particular service to one local
server based on the destination port number. This is also known as port forwarding. Allowing
inbound services opens holes in your firewall. Enable only those ports that are necessary for
your network. The following are two examples of inbound rules.
Note: Some residential broadband ISP accounts do not let you run server
processes (such as a Web or FTP server) from your location. Your
ISP might periodically check for servers and suspend your account if
it discovers any active services at your location. If you are unsure,
refer to the acceptable use policy of your ISP.
Inbound Rule Example: A Local Public Web Server
If you host a public Web server on your local network, you can define a rule to allow inbound
Web (HTTP) requests from any outside IP address to the IP address of your Web server at
any time of day, as shown here and described following the figure:
The settings are:
- Service. From this list, select the application or service you want to allow or block. The
  list already displays many common services, but you are not limited to these choices.
  Use the Services screen to add any additional services or applications that do not already
  appear. See Set Up Services on page 48.
- Action. Choose how you want to handle this type of traffic. You can block or allow
  always, or you can block or allow according to the schedule you have defined in the
  Schedule screen, described in Schedule Services on page 50.
- Send to LAN Server. Enter the IP address of the computer or server on your LAN that
  receives the inbound traffic covered by this rule.
- WAN Users. These settings determine which packets are covered by the rule, based on
  their source (WAN) IP address:
  - Any. All IP addresses are covered by this rule.
  - Address range. If this option is selected, you must fill in the Start and Finish fields.
  - Single address. Enter the required address in the Start field.