Operation Manual
Examples for IP Filter Profiles
NT/MPRI – 4 Special NT/MPRI Settings 62
Filter profile “Internet incoming”

| Status | Service/Source/Destination | Action/Log | Explanation |
|---|---|---|---|
| Enabled | FTP Data Connection Setup | Accept | This ensures that your users can copy data from the Internet via ftp. Note: this rule can be disabled if all FTP clients in your network use the “ftp-PASV” option. |
| Enabled | TCP Packets | Accept | This ensures that reply packets from connections you initiated arrive in your network. |
| Enabled | ICMP Packets | Accept | This ensures that error messages from the Internet are reported back to your station. Such reports are returned with the ICMP service if a station addressed in the Internet is inaccessible. |
| Enabled | All Packets | Deny | Everything that manages to make it to this point can only be interpreted as an intrusion attempt: for example, tunnel packets packaged in IP or routing packets like OSPF or EGP packets. These packets also are denied access by the default action, however. This rule was set up so that an intrusion attempt can be reproduced if desired. In this case, enable the logging function. |
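Added example (not part of the manual or of the NT/MPRI firmware): a small Python model of this profile, showing which of the four rules decides a given packet and what reaches the log once logging is enabled on the final rule. It assumes rules are evaluated top to bottom with the first match deciding; the match conditions (TCP source port 20 for an active-mode FTP data connection, the ACK flag for reply packets) and all names and sample packets are assumptions constructed for illustration.

```python
# Added example: first-match model of the profile; match conditions are assumptions.
from dataclasses import dataclass

TCP, ICMP, OSPF = 6, 1, 89  # IANA IP protocol numbers

@dataclass(frozen=True)
class Packet:
    proto: int
    sport: int = 0
    dport: int = 0
    syn: bool = False
    ack: bool = False

def is_ftp_data_setup(p):
    # Active-mode FTP: the server opens the data connection from port 20.
    return p.proto == TCP and p.syn and not p.ack and p.sport == 20

def is_tcp_reply(p):
    # Assumption: a reply packet is any TCP segment that carries ACK.
    return p.proto == TCP and p.ack

# (service, match function, action, log) in the order of the table above.
PROFILE = [
    ("FTP Data Connection Setup", is_ftp_data_setup, "accept", False),
    ("TCP Packets", is_tcp_reply, "accept", False),
    ("ICMP Packets", lambda p: p.proto == ICMP, "accept", False),
    ("All Packets", lambda p: True, "deny", True),  # logging enabled
]

def evaluate(packet, profile=PROFILE, log=None):
    """Return (action, rule name) for the first rule that matches."""
    for name, match, action, do_log in profile:
        if match(packet):
            if do_log and log is not None:
                log.append((name, action, packet))
            return action, name
    return "deny", "default action"

def run_samples():
    log = []
    samples = {  # constructed packets, as seen arriving from the Internet
        "ftp-data": Packet(TCP, sport=20, dport=40001, syn=True),
        "reply": Packet(TCP, sport=80, dport=40002, ack=True),
        "unreachable": Packet(ICMP),
        "telnet-syn": Packet(TCP, sport=51000, dport=23, syn=True),
        "ospf": Packet(OSPF),
    }
    return {k: evaluate(p, log=log) for k, p in samples.items()}, log
```

Passing `PROFILE[1:]` to `evaluate` models the profile with the FTP rule disabled: the port-20 connection setup then falls through to the final deny rule, which is why that rule may only be switched off when every client uses passive mode.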