SMC Networks SMC7004ABR V.2 User Manual

Advanced Setup

65

•

SPI and Anti-DoS firewall protection (Default: Enabled) –

When the Stateful Packet Inspection (SPI) feature is turned
on, all incoming packets will be blocked except for those types
marked with a check in the Stateful Packet Inspection section.

•

RIP Defect (Default: Enabled) – If a Router Information

Protocol (RIP) request packet is not acknowledged by the
router, it will stay in the input queue and not be released.
Accumulated packets could cause the input queue to fill,
causing severe problems for all protocols. Enabling this
feature prevents the packets from accumulating.

•

Discard Ping from WAN (Default: Disabled) – Prevents a

PING on the Gateway’s WAN port from being routed to the
network.

•

Stateful Packet Inspection – This is called a “stateful” packet

inspection because it examines the contents of the packet to
determine the state of the communications; i.e., it ensures that
the stated destination computer has previously requested the
current communication. This is a way of ensuring that all
communications are initiated by the recipient computer and
are taking place only with sources that are known and trusted
from previous interactions. In addition to being more rigorous
in their inspection of packets, stateful inspection firewalls also
close off ports until connection to the specific port is
requested.

When particular types of traffic are checked, only the
particular type of traffic initiated from the internal LAN will be
allowed. For example, if the user only checks FTP Service in
the Stateful Packet Inspection section, all incoming traffic will
be blocked except for FTP connections initiated from the local
LAN.