Product specifications
Chapter 5: System Security Efficient Networks
®
Router family
Technical Reference Guide
Page 5-30 Efficient Networks
®
# E-mail - SMTP and POP3 requests from LAN to WAN accepted
remote ipfilter insert input accept -p tcp -sp 25 internet
remote ipfilter insert output accept -p tcp -dp 25 internet
remote ipfilter insert input accept -p tcp -sp 110 internet
remote ipfilter insert output accept -p tcp -dp 110 internet
# Drop all packets
remote ipfilter append input drop internet
remote ipfilter append output drop internet
# Watch the results
remote ipfilter watch on internet
save
Example 5: Minimum Security Firewall
The following lists the filters installed when you request minimum security via the Web
management interface.
# Minimum security script for DSL routers
# For remote commands, input filters apply to traffic from the
WAN, and
# output filters apply to traffic to the WAN.
# Flush all existing filters
remote ipfilter flush input internet
remote ipfilter flush output internet
remote ipfilter flush transmit internet
remote ipfilter flush receive internet
eth ip filter flush input
eth ip filter flush output
eth ip filter flush transmit
eth ip filter flush receive
# Allow ICMP replies, requests, and errors from the WAN
remote ipfilter insert input accept -p icmp -sp 0 internet
remote ipfilter insert input accept -p icmp -sp 3 internet
remote ipfilter insert input accept -p icmp -sp 8 internet
remote ipfilter insert input accept -p icmp -sp 11 internet
# Allow ICMP ECHO REPLY, REQUEST to the WAN
remote ipfilter insert output accept -p icmp -sp 0 internet
remote ipfilter insert output accept -p icmp -sp 8 internet
# Telnet from LAN to WAN will be accepted
remote ipfilter insert input accept -p tcp -sp 23 internet
remote ipfilter insert output accept -p tcp -dp 23 internet