Lancom Systems LCOS 3.50 User Manual
Chapter 8: Firewall
LANCOM Reference Manual LCOS 3.50
The LANCOM Firewall checks data packets against several lists, which are
generated automatically from the Firewall rules, from the resulting Firewall
actions, or from active data connections:
- Host block list
- Port block list
- Connection list
- Filter list
When a data packet is to be routed via the IP router, the Firewall uses the
lists as follows:
1. The first check is whether the packet came from a workstation
   belonging to the host block list. If the sender is blocked, the packet
   is discarded.
2. If the sender is not blocked in this list, the port block list is checked
   to see whether the port/protocol combination used on the destination PC
   is closed. In this case the packet is discarded.
3. If sender and destination are not blocked in the first two lists, the
   Firewall checks whether a connection entry exists for this packet in the
   connection list. If such an entry exists, the packet is handled as
   noted in this list.
4. If no entry has been found for the packet, the filter list is
   searched for a suitable entry, and the action indicated in this