Configuring Your Gateway

3. Complete the fields in fields Trigger menu (see Table 14). (Or click

Back

to return to the

Trigger menu or

Cancel

to cancel any selections you made.)

4. Click

Apply

. The Special Application menu reappears, with the trigger you configured

shown in the

Trigger Table

.

5. To configure additional triggers (up to 20), repeat steps 1 through 4. When you finish, click

Apply

in the Special Applications menu to save your settings.

6. To change the settings for a trigger, click the radio button to the left of the trigger you want

to change and click the

Edit

button. When the Trigger menu appears, edit the settings as

necessary (see Table 14) and click

Apply

. Click

Apply

in the Trigger menu to save your

settings.

7. To delete a trigger, click the radio button to the left of the trigger you want to delete and

click the

Delete

button. No precautionary message appears before you delete a trigger.

Click

Apply

in the Trigger menu to save your settings.

Figure 30. Trigger Menu

51

SMCD3GN Wireless Cable Modem Gateway User Manual

Configuring Your Gateway

Table 14. Trigger Menu Options

Option

Description

Name

Name for identifying the trigger. The name is for reference purposes only.

Type

The type of protocol you want to use with the trigger. Choices are TCP and UDP. Default is

TCP. For example, to track the H.323 protocol, the protocol type should be TCP.

Trigger Port

From and To port ranges of the special application. For example, to track H.323 protocol, the

From and To ports should be 1720.

Target Port

From and To port ranges for the target port listening for the special application.

Interval

Specify the interval between 50 and 30000 between two continuous sessions. If the interval

exceeds this time interval setting, the sessions are considered to be unrelated.

IP Replacement

Select the IP replacement according to the application. Some applications embed the source

host's IP in the datagram and normal NAT would not translate the IP address in the datagram.

To make sure the network address translation is complete, IP replacement is necessary for

these special applications, such as H.323.

Allow sessions initiated from/to the

3

rd

host

Decide whether the sessions can start from/to a third host. To prevent hacker attacks from a

3rd host, this feature usually is not allowed. However, for some special applications, such as

MGCP in a VOIP application, a session initiated from a third host is permitted. For example,

assume Client A is trying to make a phone call to a host B. Client A tries to communicate with

the Media Gateway Controller (MGC) first and provides host B's number to the MGC. Then

MGC checks its own database to find B and communicate with B to provide B the information

about A. B uses this information to communicate directly to A. So initially, A is talking to MGC,

but the final step has B initiating a session to A. If the 3rd-host-initiated session is not allowed

in this example, the whole communication fails.

Configuring URL Blocking

Using the URL Blocking menu, you can configure your Gateway to block access to certain

Web sites from local computers by entering either a full URL address or keywords of the

Web site. Your Gateway examines all the HTTP packets to block the access to those

particular sites. This feature can be used to protect children from accessing inappropriate

Web sites. You can block up to 50 sites.

Using URL blocking, you can also make up to 10 computers exempt from URL blocking and

have full access to all Web sites at any time.

To display the URL Blocking menu, click

Firewall

in the menu bar and then click the

URL

Blocking

submenu. Figure 31 shows an example of the menu.

Note:

The Gateway provides a Schedule Rules feature that lets you configure URL blocking

for certain days, if desired. For more information, see “Configuring Schedule Rules” on page

54.

52

SMCD3GN Wireless Cable Modem Gateway User Manual

Configuring Your Gateway

Figure 31. URL Blocking Menu

To enable URL blocking:

1. In the URL Blocking menu, check

Enable Keyword Blocking

.

2. To exempt a computer from URL blocking, enter the computer’s Media Access Channel

(MAC) address in the

Add exempted PC

field and click the

Add Trusted Host

button. The

Exempted PC List

shows the MAC address you entered. Repeat this step for each

additional computer (up to 10) you want to make exempt from URL blocking. To remove a

computer from being exempted, use the

Delete

or

Delete All

buttons next to the field to

delete selected or all MAC addresses in the field.

3. To block a site, enter in the

Type new Keyword/Domain here

field a keyword or domain

name of the site you want to block and click

Add Keyword

. The

Blocked

Keyword/Domain List

shows the keyword or domain you entered. Repeat this step for

each additional keyword or domain (up to 50) you want to make exempt from URL

53

SMCD3GN Wireless Cable Modem Gateway User Manual

Configuring Your Gateway

blocking. To remove a computer from being exempted, use the

Delete

or

Delete All

buttons next to the field to delete selected or all MAC addresses in the field.

4. Click

Apply

.

Configuring Schedule Rules

Schedule rules work with the Gateway’s URL blocking feature (described on page 52) to tell

the Gateway when to perform URL blocking.

To access the Schedule Rule menu, click

Firewall

in the menu bar and then click the

Schedule Rule

submenu in the menu bar. Figure 32 shows an example of the menu.

Figure 32. Schedule Rule Menu

To configure a schedule rule:

1. In the Schedule Rule menu, check the days when you want to use URL blocking.

2. Specify the time when URL blocking is to start in the

Start Time

fields and the time when it

is to end in the

End Time

field. Or to enable URL blocking all day, check

All Day

.

3. Click

Apply

.

54

SMCD3GN Wireless Cable Modem Gateway User Manual

Configuring Your Gateway

Configuring Email and Syslog Alerts

Your Gateway inspects packets at the application layer, and stores TCP and UDP session

information, including timeouts and number of active sessions. This information Is helpful

when detecting and preventing Denial of Service (DoS) and other network attacks.

If you enabled the Gateway’s firewall or content-filtering feature, you can use the

Email/Syslog Alert menu to configure the Gateway to send email notifications or add entries

to the syslog when:

y

Traffic is blocked

y

Attempts are made to intrude onto the network

y

Local computers try to access block URLs

You can configure the Gateway to generate email notifications or syslog entries immediately

or at a preconfigured time.

To access the Email/Syslog Alert menu, click

Firewall

in the menu bar and then click the

Email/Syslog Alert

submenu in the menu bar. Figure 33 shows an example of the menu.

The menu has three sections:

y

The top area lets you configure the Gateway to send email notifications.

y

The middle area lets you configure the to add syslog entries.

y

The bottom area lets you define the alerting schedule.

55

SMCD3GN Wireless Cable Modem Gateway User Manual