SpeedStream Router User Guide
Step 3: Select a protocol to filter:
•In the Select by Name list box, select the protocol name. - or -
In the Select by Number text box, enter the protocol number.
Depending on the protocol you selected in Step 3, select the applicable rule options:
•If you selected TCP/UDP in Step 3, go to Step 4a.
•If you selected ICMP in Step 3, go to Step 4b.
•If you selected any other protocol in Step 3, go to Step 5.
Step 4a: If TCP/UDP chosen in Step 3, select the desired rule options:
1.Specify Source Port Operator options:
•Select the source port operator.
•Enter the first port number.
•If applicable, enter the second port number.
2.Specify Destination Port Operator options:
•Select the destination port operator.
•Enter the first port number.
•If applicable, enter the second port number.
•If applicable, select Apply rule only to TCP connections that are already established.
•If applicable, select Check syn packets for TCP connectors.
Step 4b. If ICMP chosen in Step 3, select the desired ICMP rule options.
•From the table, select one or multiple options; or click All Types to automatically select all options.
Step 5. Apply the rule definition, clear the form, or reset the form.
•To accept the settings, click Apply.
ADS (Attack Detection System)
The firewall Advanced Attack Detection System (ADS) contains various algorithms to detect and identify WAN attacks the moment they start and protect the LAN from such attacks. Though WAN access may be temporarily hindered, the LAN is protected from harmful traffic.
ADS typically looks for two types of packets: malformed packets and spoofed source address packets.
•Malformed packets have been purposefully constructed with errors in them. These are used to crash systems that don’t properly handle the errors. This type of attack usually happens against large sites rather than home users.
32