RX3141 User’s ManualChapter 9. Configuring Firewall/NAT Settings
Field | Description |
Subnet | This option allows you to include all the computers that are connected in an |
| IP subnet. When this option is selected, the following fields become |
| available for entry: |
Address | Enter the appropriate IP address. |
|
|
Mask | Enter the corresponding subnet mask. |
|
|
Self (for self access | Indicates the router itself. |
rule only) |
|
This option allows you to set the destination network to which this rule should apply. Use the drop- down list to select one of the following options:
Any | This option allows you to apply this rule to all the computers in the local | |
| network for inbound traffic or any computer in the Internet for outbound | |
| traffic.. | |
IP Address, Subnet | Select any of these options and enter details as described in the Source IP | |
| section above. | |
|
|
|
Self (for self access | Indicates the router itself. |
|
| ||
rule only) |
|
|
|
|
|
Domain | In order for this option to work, user’s PC must use RX3141 as its DNS |
|
| ||
| server. The domain name variable / IP addresses association is cleared |
|
| after every system restart. Multiple ACL rules can be associated to the same |
|
| domain name / IP addresses association. |
|
| f Maximum of 30 domain name variables is supported. |
|
| f Each domain name variable / IP addresses association is updated |
|
| only when the LAN client issues the DNS query to RX3141. For |
|
| example, when entering the address “http://www yahoo.com” on |
|
| your browser, RX3141 will update the IP address association w/ |
|
| www.yahoo.com in the internal database referenced by the firewall. |
|
| f Each domain name variable can be associated up to 256 IP |
|
| addresses. |
|
| f Wild card character “*” is allowed in the domain name Its usage is |
|
| illurstrated in the following examples: |
|
| 1. www.google.* : match www.google.com and ww.google.net |
|
| and does not match www.google.com.tw |
|
| 2. www.google.*.*: match www.google.com.tw, and |
|
| www.google.com.sg and does not match www.google.com |
|
| 3. .com.tw : match www.google.com.tw, www.com.tw and does |
|
| not match com.tw |
|
| 4. *.com : match google.com and abc.com and does not match |
|
| www.google.com, com |
|
| 5. *: match any domain name |
|
| 6. . (a single dot): match any domain name |
|
|
|
|
This option allows you to set the source port to which this rule should apply. Use the
Any | Select this option if you want this rule to apply to all applications with an |
|
|
53