Ch
apter 4: We
b
C
on
fi
gurat
i
on
47
port
To keep track of the performance of IP Filter, a logging device is used which supports logging of the
TCP/UDP and IP packet headers and the first 129 bytes of the packet (including headers) when a
packet is successfully passed through, a packet is blocked from passing through and it matches a rule
setup to look for suspicious packets
Filtering by IP address
An IP Filter can:
act as a Network Address Translator (NAT)
pass the data from the Virtual server to Internet
An example for firewall setup:
This picture is the most common and easiest way to employ the firewall. Basically, you can install a
packet-filtering router at the Internet gateway and then configures the filter rule in the router to block
or filter protocols and addresses. The systems behind the router usually have a direct access to the
Internet, however some dangerous services such as NIS and NFS are usually blocked.
For the security of your router, set the firewall is an important issue.
Diagnostics
To check the link status for the network and your computer, a diagnostic test can guide you to detect
the network problem. The testing items are listed and accomplished one by one. If the previous one is
failed, than the items below that failed one will be failed too. Use this diagnostic test to detect the
connectivity mistakes whenever you happen to the linked problem.