DI-304/DI-304M ISDN Remote Router
!= : If the End Port is empty, the port number is not equal
to the value of the Start Port. Otherwise, this port number is not between the Start Port and the End Port (including the Start Port and End Port).
>: Specify the port number is larger than the Start Port
(includes the Start Port).
<: Specify the port number is less than the Start Port (includes the Start Port).
♦Keep State – When checked, protocol information about the TCP/UDP/ICMP communication sessions will be kept by the IP Filter/Firewall (the Firewall Protocol option requires that TCP or UDP or TCP/UDP or ICMP be selected for this to operate correctly).
♦Source Route – When Checked, the IP options of source routing will be applied for the rule.
♦Fragments – Specify a fragmented packets action.
◊Don't Care - Specify no fragment options in the filter rule.
◊Unfragmented - Apply the rule to unfragmented packets.
◊Fragmented - Apply the rule to fragmented packets.
◊Too Short - Apply the rule only to packets that are too short to contain a complete header.
Restricting Unauthorized Internet Services
This section will show a simple example to restrict access of WWW from certain locations. In this example, we assume the IP address of the
65