Product specifications
Efficient Networks
®
Router family
Technical Reference Guide
Chapter 5: System Security
Efficient Networks
®
Page 5-29
Example 4: Medium Security Firewall
The following lists the filters installed when you request medium security via the Web
management interface.
# For DSL routers
# Flush all existing filters
remote ipfilter flush input internet
remote ipfilter flush output internet
remote ipfilter flush transmit internet
remote ipfilter flush receive internet
eth ip filter flush input
eth ip filter flush output
eth ip filter flush transmit
eth ip filter flush receive
# Allow ICMP replies, requests, and errors from the WAN
remote ipfilter insert input accept -p icmp -sp 0 internet
remote ipfilter insert input accept -p icmp -sp 3 internet
remote ipfilter insert input accept -p icmp -sp 8 internet
remote ipfilter insert input accept -p icmp -sp 11 internet
# Allow ICMP ECHO REPLY, REQUEST to the WAN
remote ipfilter insert output accept -p icmp -sp 0 internet
remote ipfilter insert output accept -p icmp -sp 8 internet
# Telnet from LAN to WAN will be accepted
remote ipfilter insert input accept -p tcp -sp 23 internet
remote ipfilter insert output accept -p tcp -dp 23 internet
# SSL accepted
remote ipfilter insert input accept -p tcp -sp 443 internet
remote ipfilter insert output accept -p tcp -dp 443 internet
# HTTP from LAN to WAN will be accepted
remote ipfilter insert input accept -p tcp -sp 80 internet
remote ipfilter insert output accept -p tcp -dp 80 internet
# FTP from LAN to WAN will be accepted
remote ipfilter insert input accept -p tcp -sp 20:21 internet
remote ipfilter insert output accept -p tcp -dp 20:21 internet
# DNS from LAN to WAN will be accepted
remote ipfilter insert input accept -p udp -sp 53 internet
remote ipfilter insert output accept -p udp -dp 53 internet
# L2TP will be accepted
remote ipfilter insert input accept -p udp -sp 1701 internet
remote ipfilter insert output accept -p udp -dp 1701 internet