Services-Based Rules – NETGEAR ProSafe FVS124G User Manual

Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports

6-4

Firewall Protection and Content Filtering

202-10085-01, March 2005

b. Click the button for the desired actions:

Edit - to make any changes to the rule definition. The Inbound Service screen will be
displayed (see “Inbound Rules (Port Forwarding)” on page 6-5) with the data for the
selected rule.

Move - to move the selected rule to a new position in the table. You will be prompted
for the new position.

Delete - to delete the selected rule.

Attack Checks—These check boxes allow you to enable checks for various attacks. Select the
appropriate check box to enable each one.

VPN Passthrough: Enable this to pass VPN traffic without any filtering. This is especially useful
when this device is between two VPN tunnel endpoints.

Drop fragmented IP packets: Enable this to drop the fragmented IP packets.

UDP Flooding: Enable this to limit the number of UDP sessions created from one LAN
machine.

TCP Flooding: Enable this to protect the router from SYN flood attacks.

Enable DNS Proxy: Enable this to allow the incoming DNS queries.

Enable Stealth Mode: Enable this to set the firewall to operate in stealth mode.

Respond To Ping On Internet Ports—If you want the router to respond to a 'Ping' from the
Internet, click this check box. This can be used as a diagnostic tool. You shouldn't check this
box unless you have a specific reason to do so.

Services-Based Rules

The rules to block traffic are based on the traffic’s category of service.

Inbound rules (port forwarding)—Inbound traffic is normally blocked by the firewall unless
the traffic is in response to a request from the LAN side. The firewall can be configured to
allow this otherwise blocked traffic.

Outbound rules (service blocking)—Outbound traffic is normally allowed unless the firewall
is configured to disallow it.

Customized services—Additional services can be added to the list of services in the factory
default list. These added services can then have rules defined for them to either allow or block
that traffic.
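
The default policy described in this section, as an added Python model that is not part of the manual and not NETGEAR's code. The service list, addresses and ports are constructed, first-match rule ordering is an assumption, and NAT address translation is left out.

```python
from dataclasses import dataclass, field

# Constructed service list: name -> (protocol, destination port).
DEFAULT_SERVICES = {"HTTP": ("tcp", 80), "DNS": ("udp", 53), "TELNET": ("tcp", 23)}

@dataclass(frozen=True)
class Rule:
    service: str         # name from the service list
    action: str          # "allow" or "block"
    lan_host: str = "*"  # LAN address the rule applies to; "*" means any

@dataclass
class Firewall:
    services: dict = field(default_factory=lambda: dict(DEFAULT_SERVICES))
    inbound: list = field(default_factory=list)
    outbound: list = field(default_factory=list)
    sessions: set = field(default_factory=set)  # flows opened from the LAN

    def add_service(self, name, proto, port):
        """Customized service: extend the list so rules can refer to it."""
        self.services[name] = (proto, port)

    def _match(self, rules, proto, port, lan_host):
        for rule in rules:  # assumption: first matching rule in the table wins
            if (self.services[rule.service] == (proto, port)
                    and rule.lan_host in ("*", lan_host)):
                return rule.action
        return None

    def outbound_packet(self, lan_host, lan_port, wan_host, proto, dport):
        """Outbound traffic is allowed unless a rule blocks its service."""
        if self._match(self.outbound, proto, dport, lan_host) == "block":
            return "block"
        self.sessions.add((proto, lan_host, lan_port, wan_host, dport))
        return "allow"

    def inbound_packet(self, wan_host, sport, lan_host, proto, dport):
        """Inbound traffic is blocked unless it answers a LAN request
        or an inbound rule allows its service."""
        if (proto, lan_host, dport, wan_host, sport) in self.sessions:
            return "allow"  # response to a request from the LAN side
        if self._match(self.inbound, proto, dport, lan_host) == "allow":
            return "allow"  # inbound (port forwarding) rule
        return "block"      # default for unsolicited inbound traffic
```

A blocked outbound request records no session, so a reply to it is also dropped by the inbound default.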
