Chapter 11 Firewall

 

Table 51 SECURITY > FIREWALL > Rule Summary > Edit

 

LABEL

DESCRIPTION

 

Action for

Use the drop-down list box to select what the firewall is to do with packets that

 

Matched Packets

match this rule.

 

 

Select Drop to silently discard the packets without sending a TCP reset packet or

 

 

an ICMP destination-unreachable message to the sender.

 

 

Select Reject to deny the packets and send a TCP reset packet (for a TCP packet)

 

 

or an ICMP destination-unreachable message (for a UDP packet) to the sender.

 

 

Select Permit to allow the passage of the packets.

 

 

Note: You also need to configure NAT port forwarding (or full

 

 

featured NAT address mapping rules) if you want to allow

 

 

computers on the WAN to access devices on the LAN.

 

 

Note: You may also need to configure the remote management

 

 

settings if you want to allow a WAN computer to manage the

 

 

ZyWALL or restrict management from the LAN.

 

 

 

 

Apply

Click Apply to save your customized settings and exit this screen.

 

 

 

 

Cancel

Click Cancel to exit this screen without saving.

 

 

 

11.10 Anti-Probing

Click SECURITY > FIREWALL > Anti-Probingto open the following screen. Configure this screen to help keep the ZyWALL hidden from probing attempts. You can specify which of the ZyWALL’s interfaces will respond to Ping requests and whether or not the ZyWALL is to respond to probing for unused ports.

Figure 139 SECURITY > FIREWALL > Anti-Probing

 

211

ZyWALL 2 Plus User’s Guide