Siemens E-110-I Field Description Log Option, Security Level, Log Tag, Start/End Time, Protocol

Page 66

SIEMENS ADSL E-110_E-110-I user manual

Field

Description

Log Option

When Enabled is selected, a log entry will be created on the system each time

 

this rule is invoked.

 

 

Security Level

The security level that must be enabled globally for this rule to take affect. A rule

 

will be active only if its security level is the same as the globally configured setting

 

(shown on the main IP Filter page). For example, if the rule is set to Medium and

 

the global firewall level is set to medium, then the rule will be active; but if the

 

global firewall level is set to high or low, then the rule will be inactive.

 

 

Blacklist Status

Specifies whether or not a violation of this rule will result in the offending

 

computer's IP address being added to the Blacklist, which blocks the router from

 

forwarding packets from that source for a specified period of time.

 

 

Log Tag

A description of up to 16 characters to be recorded in the log in the event that a

 

packet violates this rule. Be sure to set the Log Option to Enable if you configure a

 

Log Tag.

 

 

Start/End Time

The time range during which this rule is to be in effect, specified in military units.

 

 

Src IP Address

IP address criteria for the source computer(s) from which the packet originates.

 

Use the following expression to specify IP:

 

any: any source IP address.

 

lt: less than

 

lteq: less than or equal to.

 

gt: greater than

 

eq: equal to

 

neq: not equal to

 

range: within the specified range, inclusive.

 

out of range: outside the specified range.

 

self: the IP address of the router interface on which this rule takes effect.

 

 

Dest IP Address

IP address rule criteria for the destination computer(s) (i.e., the IP address of the

 

computer to which the packet is being sent).

 

In addition to the options described for the Src IP Address field, the following

 

option is available:

 

bcast: Specifies that the rule will be invoked for any packets sent to the broadcast

 

address for the receiving interface. (The broadcast address is used to send packets

 

to all hosts on the LAN or subnet connected to the specified interface.) When you

 

select this option, you do not need to specify the address, so the address fields

 

are dimmed.

 

 

Protocol

The basic IP protocol criteria that must be met for rule to be invoked. Using the

 

options in the drop-down list, you can specify that packets must contain the

 

selected protocol (eq), that they must not contain the specified protocol (neq), or

 

that the rule can be invoked regardless of the protocol (any). TCP, UDP, and ICMP

 

are commonly IP protocols; others can be identified by number from 0 to 255, as

 

defined by IANA.

 

 

Apply Stateful

If this option is enabled, then stateful filtering is performed and the rule is also

Inspectation

applied in the other direction on the given interface during an IP session.

 

 

Source Port

Port number criteria for the computer(s) from which the packet originates.

 

This field will be dimmed (unavailable for entry) if you have not specified a

 

protocol criteria.

 

See the description of Src IP Address for the selection options.

 

 

60

Rev:01_040220

Page 65 Page 67
Image 66
Page 65 Page 67
Contents Siemens Adsl E-110/E-110-I For Using Safety NotesFor Installation For ServiceContent IiiRIP Configuration Advanced Configuration via Web browserNAT Configuration Administration TasksContents Appendix SpecificationPage Features Before You UseConfiguration and Management System RequirementsUnpacking Physical Outlook LED Indicators Front Panel System MessagesOverview Front PanelRear PanelRear Panel Ethernet9V 1A Analog Pstn installation InstallationConnecting the Adsl Router Choosing a place for the Adsl RouterIsdn installation Isdn NTUSB driver installation Install the USB driverUninstall the USB driver Click Start Programs Siemens DSL Modem UninstallConfiguration Configure TCP/IP on Client PCFor Windows Page Rev01040220 Page For Windows 98 and Windows 98 SE Your network interface card When returning to Network window, click OK Rev01040220 Page For Windows ME For Windows NT Page Page Page For Windows Page Page For Windows XP Click Internet ProtocolTCP/IP and then click OKFor Macintosh OS 8.6 For Macintosh OS From the Apple Menu, select System Preferences…Close the Network window Renew IP Address on Client PC For Windows ME For Windows Quick Configuration via Web browser Internet AccessClick Connect and Save Advanced Configuration via Web browser Main Menu Commonly Used Buttons and IconsViewing Basic System Information Quick Configuration Rebooting the device using Configuration Manager Committing Changes to Permanent StorageSub-Menus DSLNAT Advanced Configuration Configuring IP RoutesDhcp Configuration Configuring Dhcp ServerPart 1. Creating IP address pools Part 2. Enabling Dhcp Server Mode Viewing Current Dhcp Address Assignments Part 3. Configuring your PCs as Dhcp clientsModifying Address Pools Select Lan Dhcp ServerConfiguring Dhcp Relay Part 2. Enabling Dhcp relay modePart 1. Defining the Dhcp relay interfaces NAT Configuration Viewing Your NAT ConfigurationThese private IP addresses Are translated to FieldDescription Page Viewing NAT Rules and Rule Statistics Viewing Current NAT TranslationsField Description Adding NAT Rules Rdr rule Allowing external access to a LAN computer Basic rule Performing 11 translations Bimap rule Performing two-way translations Page RIP Configuration Configuring the RIPSelect a Send Mode and a Receive Mode Viewing RIP Statistics Firewall Configuration Firewall, IP Filters and Blocked ProtocolsMax Icmp Conn Mail ID of Admin 1/2/3Field Description Max Half open TCP Conn Max Single Host ConnIP Filter Configuration Viewing Your IP Filter ConfigurationConfiguring IP Filter Global Settings Action Creating IP Filter RulesField Description Rule ID DirectionLog Tag Field Description Log OptionSecurity Level Start/End TimeIcmp Type Field Description Dest PortTCP Flag Icmp CodeIP filter rule examples Specify Protocol eq TCPViewing IP Filter Statistics To Block Specific Protocols Managing Current IP Filter SessionsChanging Your Login Password Administration TasksUser Configuration Changing the System Date and TimeImage Upgrade Select Admin Local Image UpgradeAdding a New User View System Alarms DiagnosticsPort Settings View DSL Parameters Page Connection Modes Bridge ModePart 1 Configuring the Adsl Router Creating an ATM VCC interfaceMux Type Creating an EoA interfaceField Description VC Interface Max Proto per AAL5Enable Bridging function LAN configurationSelect Bridge LAN Config Part 2 Check your connection status PPP Connection ModePart 3 Configuring the PC Commit your changesCreating a PPP interface Select the ATM VC you created, e.g. aal5-0Interface Sec Type Select Public Password Service NameLogin Name Field Description Status Select Start or StartOnDataRouter Connection Mode Creating a IPoA interface Internet Access TroubleshootingProblem Troubleshooting Suggestion LEDs Configuration Manager ProgramProblem Troubleshooting Suggestion Upgrading Error Message Possible cause ActionGlossary UDP User Datagram Protocol PVC Permanent Virtual CircuitRIP Routing Information Protocol Virtual ServerAppendix Specification SoftwareRegulatory Approvals and Compliance Power Requirement and Operation Environment RequirementHardware Physical
Top Page Image Contents