82
with system-defined rules. It is also recommended that you assign rule IDs in multiples of 5 or
10 (e.g., 1000, 1010, 1020) so that you leave enough room between them for inserting new
rules if necessary.
Interface: The interface on which the rule will take effect.
Direction: Specifies whether the rule should apply to packets that are incoming or outgoing on
the selected interface. Incoming refers to packets coming in to the LAN on the interface, and
Outgoing refers to packets going out from the LAN. You can use rules that specify the
incoming direction to restrict external computers from accessing your LAN.
In Interface: The interface from which packets must be forwarded in order for this rule to be
invoked. For example, if the Interface criteria is set to ppp-0, then the In Interface could be set
to usb-0. This specifies that the rule applies only to packets passed from the USB computer
through the router's PPP interface. This option is valid only for rules defined for the outgoing
direction.
Action: Specifies what the rule will do to a packet when the packet matches the rule criteria.
The action can be Accept (forward to destination) or Deny (discard the packet). Do not select
the CallMgt option.
Log Option: When Enabled is selected, a log entry will be created on the system each time
this rule is invoked. Logging may be helpful when troubleshooting. You can also disable
logging, log only packets that match rules, or log only packets that do not match rules. This
information can be e-mailed to designated administrators.
5.7.6 DNS
Domain Name System (DNS) servers map the user-friendly domain names that users
type into their Web browsers (e.g., "yahoo.com") to the equivalent numerical IP addresses that
are used for Internet routing.