Filter
Top Products
Vigor3300 Series User’s Guide
81
Pass immediately - Pass the packet immediately.
Block if no further match - means to locks the packet if no
further rules are matched.
Pass if no further match - means to passes the packet if no
further rules are matched.
Note: It is recommended placing pass rules in “pass” group and
block ones be in “block” group.
Next Group Name It indicates the next filter group. If the option Block if no
further match or Pass if no further match of Block or Pass
parameter is selected, the unmatched packets will be compared
with rules in Next Group. The option None must be chosen
while Block or Pass is selected as Block or Pass.
Apply Click this button to return to IP Filter Table setting page. The
new added rule information will be displayed on this page too.
Refer to the following graphic.
3
3
.
.
4
4
.
.
2
2
D
D
o
o
S
S
The DoS function helps to detect and mitigates DoS attacks. These include flooding-type
attacks and vulnerability attacks. Flooding-type attacks attempt to use up all your system's
resources while vulnerability attacks try to paralyze the system by offending the vulnerabilities
of the protocol or operation system.
In the Firewall group, click the DOS option. You will see the following page. The DoS
Defense Engine inspects each incoming packet against the attack signature database. Any
packet that may paralyze the host in the security zone is blocked. The DoS Defense Engine
also monitors traffic behavior. Any anomalous situation violating the DoS configuration is
reported and the attack is mitigated.