D-Link DI-304 Network Router User Manual


 
DI-304/DI-304M ISDN Remote Router
from accessing the Internet. Additionally, it can filter out specific packets to trigger
the router to place an outgoing connection.
An Overview of the Firewall
The IP Filter/Firewall includes two types of filter: Call Filter and Data Filter. The
former is designed to block or allow IP packets that will trigger the router to
establish an outgoing connection. The latter is designed to block or allow which
kind of IP packets are allowed to pass through the router when the WAN connection
has been established. It works like this: when an outgoing packet is routed to the
WAN, the IP Filter will decide if the packet should be forwarded to the Call Filter or
Data Filter. If the WAN connection has not been established, the packet will enter
the Call Filter. If the packet is not allowed to trigger router dialing, it will be
dropped. Otherwise, it will initiate a call to establish the WAN connection.
If the WAN connection of the router has been established, the packet will pass
through the Data Filter. Packets match the block rule will be dropped and the
contrary will be sent to the WAN interface. Alternatively, if an incoming packet
enters from the WAN interface, it will pass through the Data Filter directly. If the
packets match the block rule, it will be dropped. Otherwise, it will be sent to the
internal LAN. The filter architecture is shown as below.
The Following sections will explain more about IP Filter/Firewall Setup using Web
Configurator. The Filter has 12 filter sets with 7 filter rules for each set. There are a
total of 84 filter rules for the IP Filter/Firewall Setup. By default, the Call Filter
rules are defined in filter set 1 and the Data Filter rules are defined in filter set 2.
59