Filter
Top Products
60
2.15. Configuring Advanced Settings
2.15.1. Filters and Firewall
2.15.1.1. Packet Filters
Fig. 99. Packet filters settings.
You can specify rules for the firewall component of the Router to check outgoing packets. Packets
that meet the rules can be permitted or denied. The protocol field, source IP address field, destination
IP address field, and destination port field of a packet’s IP header are inspected to see if it meets a
rule. A packet that meets a rule can be dropped (Block) or accepted (Accept) as specified in the Action
setting of the rule. Packets that do not meet any rules can be dropped (Discard) or accepted (Pass) as
specified in the Policy setting.
A rule is composed of 5 parts:
What to do if a packet meets this rule (Action)
Protocol type
All
ICMP
TCP
UDP
Source IP address range (Source IP Address AND Source Subnet Mask)
Destination IP address range (Destination IP Address AND Destination Subnet Mask)
Port ranges
A source (destination) IP address range is determined by performing an AND operation on the source
(destination) IP address field and the source (destination) subnet mask field. For example, if the
source IP address field is 192.168.0.1 and the source subnet mask field is 255.255.255.0, the resultant
source IP address range is 192.168.0.0 to 192.168.0.255.
Up to 5 port ranges can be specified in a rule, and these ranges must be separated by commas. For
example, “21,80,85-89,140,200-230” in the destination port field signifies 5 port ranges.
To set a rule for packet filtering:
1. Specify the protocol type, source IP address, source IP mask, destination IP address, desti-
nation IP mask, and destination port for the rule. Then specify in the Action setting how to
deal with a packet that meets the rule.
2. Select the corresponding Enabled check box.