Setup guide

Specifications
Packages required: system
License required: level1 (P2P filters limited to 1), level3
ip firewall
Standards and Technologies: IP
Hardware usage: Increases with filtering rules count
Related Documents
Package Management
IP Addresses and ARP
Routes, Equal Cost Multipath Routing, Policy Routing
Network Address Translation
Description
Network firewalls keep outside threats away from sensitive data available inside the network.
Whenever different networks are joined together, there is always a threat that someone from outside
of your network will break into your LAN. Such break-ins may result in private data being stolen
and distributed, valuable data being altered or destroyed, or entire hard drives being erased.
Firewalls are used as a means of preventing or minimizing the security risks inherent in connecting
to other networks. Wandy RouterOS implements a wide range of firewall features as well as
masquerading capabilities, which allow you to hide your network infrastructure from the outside
world.
Packet Flow
Description
Wandy RouterOS simplifies the creation and deployment of sophisticated firewall policies. In
fact, you can easily create a simple one to filter your traffic or enable source NAT without needing to
know how packets are processed in the router. But if you want to deploy more complicated
policies, it is worth knowing the details of the underlying process. IP packet flow through the router is
depicted in the following diagram:
As we can see, a packet can enter the conveyor in two ways: either it has arrived on an
interface or it has been originated by the router. Similarly, a packet has two ways to
leave the conveyor: through an outgoing interface or, if the packet is locally destined, into the
local process.
When the packet arrives at the router's interface, firewall rules are applied in the following order:
• The NAT rules are applied first. The firewall rules of the input chain and routing are applied
after the packet has passed the NAT rule set.
• If the packet should be forwarded through the router, the firewall rules of the forward chain are
applied next.
• When a packet leaves an interface, firewall rules of the output chain are applied first, then the