Manualshelf

User manual

ManualsBrandsCTC Union ManualsComputer equipmentSHDSL
81828384858687888990
90
There are three level of firewall which you can setup in this product.
Level one, basic, only enables the NAT firewall and the remote management security. The NAT firewall
will take effect if NAT function is enabled. The remote management security is default to block any WAN
side connection to the device. Non-empty legal IP pool in ADMIN will block all remote management
connection except those IPs specified in the pool.
Level two, automatic, enables basic firewall security, all DoS protection, and the SPI filter function.
Level three, advanced, is an advanced level of firewall where user can determine the security level for
special purpose, environment, and applications by configuring the DoS protection and defining an extra
packet filter with higher priority than the default SPI filter. Note that, an improper filter policy may
degrade the capability of the firewall and/or even block the normal network traffic.
The firewall security level can configure via level command.
14.16.14 Packet Filtering
Packet filtering function can be configured by pkt_filter command. Move the cursor to pkt_filter and
press enter.
>> active Tigger packet filtering function
drop_flag Drop fragment packets
add Add packet filtering rule
delete Delete packet filtering rule
modify Modify packet filtering rule
exchange Exchange the filtering rule
list Show packet filtering table
To enable the packet filtering function, you can use active command.
Add the packet filtering rule via add command.
>> protocol Configure protocol type
direction Configure direction mode
src_ip Configure source IP parameter
dest_ip Configure destination IP parameter
port Configure port parameter (TCP and UDP only)
tcp_flag Configure TCP flag (TCP only)
icmp_type Configure ICMP flag (ICMP only)
description Packet filtering rule description
enable Enable the packet filtering rule
begin The schedule of beginning time
end The schedule of ending time
action Configure action mode
14.16.15 DoS Protection
DoS protection parameters can be configured in dos_protection menu. Move the cursor to