2.15. Configuring Advanced Settings

2.15.1.Filters and Firewall

2.15.1.1.Packet Filters

Fig. 99. Packet filters settings.

You can specify rules for the firewall component of the Router to check outgoing packets. Packets that meet the rules can be permitted or denied. The protocol field, source IP address field, destination IP address field, and destination port field of a packet’s IP header are inspected to see if it meets a rule. A packet that meets a rule can be dropped (Block) or accepted (Accept) as specified in the Action setting of the rule. Packets that do not meet any rules can be dropped (Discard) or accepted (Pass) as specified in the Policy setting.

A rule is composed of 5 parts:

„What to do if a packet meets this rule (Action)

„Protocol type

‹All

‹ICMP

‹TCP

‹UDP

„Source IP address range (Source IP Address AND Source Subnet Mask)

„Destination IP address range (Destination IP Address AND Destination Subnet Mask)

„Port ranges

A source (destination) IP address range is determined by performing an AND operation on the source (destination) IP address field and the source (destination) subnet mask field. For example, if the source IP address field is 192.168.0.1 and the source subnet mask field is 255.255.255.0, the resultant source IP address range is 192.168.0.0 to 192.168.0.255.

Up to 5 port ranges can be specified in a rule, and these ranges must be separated by commas. For example, “21,80,85-89,140,200-230” in the destination port field signifies 5 port ranges.

To set a rule for packet filtering:

1.Specify the protocol type, source IP address, source IP mask, destination IP address, desti- nation IP mask, and destination port for the rule. Then specify in the Action setting how to deal with a packet that meets the rule.

2.Select the corresponding Enabled check box.

60

Page 65
Image 65
Epson IWE3200-H Configuring Advanced Settings, Filters and Firewall, Packet Filters, To set a rule for packet filtering