Manualshelf

User Guide

ManualsBrandsAlcatel-Lucent ManualsOtherSPEDDTOUCH DSL ROUTERS
61626364656667686970
Chapter 4. Configuring Special Features 69
Chapter 4. Configuring Special Features
The features described in this chapter are advanced topics. They are primarily intended for experienced users and
network administrators to perform network management and more complex configurations.
Bridge Filtering and IP firewall
IP protocol controls (RIP)
Dynamic Host Configuration Protocol (DHCP)
Network Address Translation (NAT )
Management security
Software options keys
Encryption
IP filtering
L2TP tunneling
Bridge Filtering and IP Firewall
General Information
You can control the flow of packets across the router using bridge filtering. Bridge filtering lets you “deny” or
“allow” packets to cross the network based on position and hexadecimal content within the packet. This enables
you to restrict or forward messages with a specified address, protocol, or data content. Common uses are to
prevent access to remote networks, control unauthorized access to the local network, and limit unnecessary traffic.
For example, it might be necessary to restrict remote access for specific users on the local network. In this case,
bridging filters are defined using the local MAC address for each user to be restricted. Each bridging filter is
specified as a "deny" filter based on the MAC address and position of the address within the packet. “deny”
filtering mode is then enabled to initiate bridge filtering. Every packet with one of the MAC addresses would not
be bridged across the router until “deny” filtering mode was disabled.
Similarly, protocol filtering can be used to prevent a specific protocol from being bridged. In this case, the
protocol id field in a packet is used to deny or allow a packet. You can also restrict, for example, the bridging of
specific broadcast packets.
Configure Bridge Filtering
Bridge filtering allows you to control the packets transferred across the router. This feature can be used to enhance
security or improve performance. Filtering will occur based on matched patterns within the packet at a specified
offset. Two filtering modes are available:
“Deny” mode will discard any packet matched to the “deny” filters in the filter database and let all other
packets pass.
“Allow” mode will only pass the packets that match the “allow” filters in the filter database and discard all
others.