DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual
4-2 Security and Firewall Protection
v1.0, April 2007
About Service Based Rules
The rules to block traffic are based on the traffic’s category of service.
•Inbound rules (allow port forwarding). Inbound traffi c is normally blocked by the firewall
unless the traffic is in response to a request from the LAN side. The firewall can be configured
to allow this otherwise blocked traffic.
•Outbound rules (service blocking). Outbound traffic is normally allowed unless the firewall
is configured to disallow it.
•Customized services. Additional services can be added to the list of services in the factory
default list. These added services can then have rules defined for them to either allow or block
that traffic.
•Quality of service (QoS) priorities. Each service at its own native priority that impacts its
quality of performance and tolerance for jitter or delays. You can change this QoS priority if
desired to change the traffic mix through the system.
A firewall has two default rules, one for inbound traffic and one for outbound traffic. The default
rules of the DGFV338 are:
•Default Inbound Policy. Block all inbound traffic to the LAN from the Internet (WAN),
except responses to requests from the LAN. To allow computers from the WAN to access
services on the LAN, a firewall rule for each service must be added.
•Default Outbound Policy.Allow all traffic from the LAN to pass through to the Internet.
Firewall rules can then be applied to block specific types of traffic from going out from the
LAN to the WAN.
The Default Outbound Policy is shown in the LAN-WAN Rules table of the Firewall Rules sub-
menu (under Security on the main menu) in Figure 4-1: