DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual

About Service Based Rules

The rules to block traffic are based on the traffic’s category of service.

Inbound rules (allow port forwarding). Inbound traffic is normally blocked by the firewall unless the traffic is in response to a request from the LAN side. The firewall can be configured to allow this otherwise blocked traffic.

Outbound rules (service blocking). Outbound traffic is normally allowed unless the firewall is configured to disallow it.

Customized services. Additional services can be added to the list of services in the factory default list. These added services can then have rules defined for them to either allow or block that traffic.

Quality of service (QoS) priorities. Each service has its own native priority that impacts its quality of performance and tolerance for jitter or delays. You can change this QoS priority if desired to change the traffic mix through the system.

A firewall has two default rules, one for inbound traffic and one for outbound traffic. The default rules of the DGFV338 are:

Default Inbound Policy. Block all inbound traffic to the LAN from the Internet (WAN), except responses to requests from the LAN. To allow computers from the WAN to access services on the LAN, a firewall rule for each service must be added.

Default Outbound Policy. Allow all traffic from the LAN to pass through to the Internet. Firewall rules can then be applied to block specific types of traffic from going out from the LAN to the WAN.
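
The decision logic implied by the two default policies and the service rules layered on them, as an added Python model (not NETGEAR code). The service table, the addresses, and first-match rule ordering are assumptions made for the illustration, and NAT port translation is ignored.

```python
from dataclasses import dataclass, field

# Constructed service table (name -> (protocol, port)); the router ships its own list.
SERVICES = {"HTTP": ("tcp", 80), "SMTP": ("tcp", 25), "GAME": ("udp", 27015)}

@dataclass(frozen=True)
class Rule:
    direction: str  # "inbound" (WAN to LAN) or "outbound" (LAN to WAN)
    service: str    # key into SERVICES
    action: str     # "allow" or "block"

@dataclass
class Firewall:
    rules: list
    sessions: set = field(default_factory=set)  # flows opened from the LAN side

    def _match(self, direction, proto, port):
        for r in self.rules:  # assumption: the first matching rule wins
            if r.direction == direction and SERVICES[r.service] == (proto, port):
                return r
        return None

    def outbound(self, lan_port, wan_ip, proto, wan_port):
        r = self._match("outbound", proto, wan_port)
        if r and r.action == "block":
            return "block"  # service blocking rule
        # Default outbound policy: allow, and remember the flow for its replies.
        self.sessions.add((proto, lan_port, wan_ip, wan_port))
        return "allow"

    def inbound(self, wan_ip, wan_port, proto, dst_port):
        if (proto, dst_port, wan_ip, wan_port) in self.sessions:
            return "allow"  # response to a request from the LAN
        r = self._match("inbound", proto, dst_port)
        if r and r.action == "allow":
            return "allow"  # explicit inbound rule for this service
        return "block"      # default inbound policy

def demo():
    fw = Firewall([Rule("outbound", "SMTP", "block"), Rule("inbound", "HTTP", "allow")])
    return [
        fw.outbound(40000, "203.0.113.5", "tcp", 443),    # default outbound allow
        fw.inbound("203.0.113.5", 443, "tcp", 40000),     # reply to that request
        fw.inbound("203.0.113.9", 443, "tcp", 40000),     # unsolicited, other host
        fw.outbound(40001, "203.0.113.5", "tcp", 25),     # blocked by service rule
        fw.inbound("203.0.113.5", 25, "tcp", 40001),      # no session was created
        fw.inbound("198.51.100.7", 51000, "tcp", 80),     # inbound HTTP rule
        fw.inbound("198.51.100.7", 51000, "udp", 27015),  # no rule, default block
    ]

if __name__ == "__main__":
    print(demo())
```

Each inbound allow rule is a standing exception to the default block, so a periodic review of a rule set should be able to justify every one of them.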

The Default Outbound Policy is shown in the LAN-WAN Rules table of the Firewall Rules submenu (under Security on the main menu) in Figure 4-1:

4-2

Security and Firewall Protection

v1.0, April 2007
