Configuring application filter, Application filter configuration parameters – Asus RX3041H User Manual

RX3041H User’s Manual

Chapter 9. Configuring Firewall/NAT Settings

69

9.8.1

Configuring Application Filter

Application filter allows network administrator to block, monitor, and report on network users’ access to non-
business and objectionable content. This high-performance content access control results in increased
productivity, lower bandwidth usage and reduced legal liability.

The RX3041H has the ability to handle active content filtering on certain application protocols such as HTTP,
FTP, SMTP and RPC.

HTTP – You can define HTTP extension based filtering schemes for blocking

ActiveX – *.ocx

Java Archive – *.jar

Java Applets – *.class

Microsoft Archives – *.msar

Other URLs based on file extensions.

FTP – allows you to define and enforce the file transfer policy for the site or group of users
SMTP – allows you to filter operations such as VRFY, EXPN, etc. which reveal excess information

about the recipient.

RPC – allows you to filter programs based on the assigned RPC program numbers.

9.8.1.1

Application Filter Configuration Parameters

Table 9.6 describes the configuration parameters available for application filter.

Table 9.6. Application Filter Configuration Parameters

Field

Description

Filter Type

Select the type of filter: FTP, HTTP, RPC and SMTP.

Filter Name

Enter a name for the filter.

Protocol

Select the protocol that Application Filter uses (TCP/UDP).

Port

Enter the port number that the Application Filter uses.

Log

This option includes buttons to enable and disable logging for this Application Filter.

Enable

Select this option to enable logging for this application filter.

Disable

Select this option to disable logging for this application filter.

Action

Allow

Select this option to configure the rule as an “allow” rule. This rule when
bound to the Firewall will allow matching packets to pass through.

Deny

Select this option to configure the rule as a “deny” rule. This rule when
bound to the Firewall will not allow matching packets to pass through.

Filter Commands

This section allows you to enter a command for the respective application. The list of supported
commands per application is as follows:

FTP Commands

Add the following command to an FTP filter to:

CWD

Allow or deny of change directory.

LIST

Allow or deny of Listing of files/directory.

MKD

Allow or deny of Creating a directory.

NLST

Allow Short listing of directory contents.