Page 36 / 84 Scroll up to view Page 31 - 35
Page
36
/
84
4.
Port Filters
This page all
ows you to enter ranges of destination ports (applications) that you don’t want your LAN
PCs to send packets to. Any packets your LAN PCs send to these destination ports will be blocked. For
example, you could block access to worldwide web browsing (http = port 80) but still allow email service
(SMTP port 25 and POP-3 port 110). To enable port filtering, set Start Port and End Port for each range,
and click Apply. To block only one port, set both Start and End ports with the same value.
Fig.2-18 Advanced\Port Filters
You can add a blank row to the list by clicking
Add row
button. Entering the port range and protocol
that you want to block and then clicking
Save
button for saving the configuration.
Check the
Delete
option of a row and then clicking
Save
button for deleting the row.
The protocol option can be Both, UDP or TCP. Both of UDP and TCP port will be blocked if
Both
was
selected.
Page 37 / 84
Page
37
/
84
5.
Forwarding
For LAN
WAN communications, the gateway normally only allows you to originate an IP connection
with a PC on the WAN; it will ignore attempts of the WAN PC to originate a connection onto your PC.
This protects you from malicious attacks from outsiders. However, sometimes you may wish for anyone
outside to be able to originate a connection to a particular PC on your LAN if the destination port
(application) matches one you specify.
Fig. 2-19 Advanced\Forwarding
You can add a blank row to the list by clicking
Add row
button. Entering the public port range, target
IP address, target port range and protocol that you want to forward and then clicking
Save
button for
saving the configuration.
Check the
Delete
option of a row and then clicking
Save
button for deleting the row.
The protocol option can be Both, UDP or TCP. Both of UDP and TCP port will be blocked if
Both
was
selected.
Page 38 / 84
Page
38
/
84
6.
Port Triggers
Some Internet activities, such as interactive gaming, require that a PC on the WAN side of your gateway
be able to originate connections during the game with your game playing PC on the LAN side. You could
use the Advanced-Forwarding web page to construct a forwarding rule during the game, and then remove
it afterwards (to restore full protection to your LAN PC) to facilitate this. Port triggering is an elegant
mechanism that does this work for you, each time you play the game.
Fig. 2-20 Advanced\Port Triggers
Port Triggering works as follows. Imagine you want to play a particular game with PCs somewhere on
the Internet. You make one time effort to set up a Port Trigger for that game, by entering into
Trigger
Start Port
and
Tigger End Port
the range of destination ports your game will be sending to, and
entering into
Target Start Port
the range of destination ports the other player (on the WAN side) will be
sending to (ports your PC
’s game receives on). Application programs like games publish this information
in user manuals. Later, each time you play the game, the gateway automatically creates the forwarding
rule necessary. This rule is valid until 10 minutes after it sees game activity stop. After 10 minutes, the
rule becomes inactive until the next matched outgoing traffic arrives.
e.g., suppose you specify Trigger Range from 6660 to 6670 and Target Range from 113 to 113. An
outbound packet arrives at the gateway with your game-playing PC source IP address 192.168.0.10,
destination port 666 over TCP/IP. This destination port is within the Trigger destined for port 113 to your
game-playing PC at 192.168.0.10.
Page 39 / 84
Page
39
/
84
7.
DMZ Host
Use this page to designate one PC on your LAN that should be left accessible to all PCs from the WAN
side, for all ports. e.g., if you put an HTTP server on this machine, anyone will be able to access that
HTTP server by using your gateway IP address as the destination. A setting of “0” indicates NO DMZ
PC. “Host” is another Internet term for a PC connected to the Internet.
Fig.2-21 Advanced\DMZ Host
Page 40 / 84
Page
40
/
84
8.
Firewall
These pages allow you to enable, disable, and configure a variety of firewall features associated with web
browsing, which uses the HTTP protocol and transports HTML web pages. On these pages, you designate
the gateway packet types you want to have forwarded or blocked. You can activate settings by checking
them and clicking
Save
button.
The web-related filtering features you can activate from the Firewall page include Filter Cookies, Filter
Java Applets, Filter ActiveX, Filter Popup Windows, Block Fragmented IP Packets, Port Scan Detection,
IP Flood Detection, and Firewall Protection.
Fig. 2-22 Advanced\Firewall

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top