beautypg.com

Enabling security features, Controlling inbound and outbound traffic, Disabling attack detection – 2Wire Gateway None User Manual

Page 95: Enabling full logging

background image

Management and Diagnostic Console

90

Enabling Security Features

The Security pane allows you to configure the gateway’s firewall to provide additional security features.
Following are descriptions of the features.

Stealth Mode. Enabling Stealth Mode suppresses error responses (for example, TCP resets).

Block Ping. Enabling Block Ping blocks ping responses.

Strict UDP Session Control. Enabling Strict UDP Session Control prevents another source from
“piggybacking” onto a UDP session.

Controlling Inbound and Outbound Traffic

If an Inbound box is checked, the firewall allows the corresponding protocol to pass through from the
Internet to the network. If an Outbound box is checked, the firewall allows the traffic from the network to
pass through the firewall to the Internet. You must click the

Submit

button for changes to take effect.

Disabling Attack Detection

By default, the 2Wire gateway firewall rules block the attack types listed in the Attack Detection pane. Some
hosted applications require that the user open specific ports (for example, TCP or UDP) to allow outside
users to access their network. The Attack Detection pane allows you to configure the gateway’s firewall
rules to allow traffic through on the specified ports.

To disable attack detection for a specific port, deselect the corresponding checkbox and click the

Submit

button.

Enabling Full Logging

To log all packets, check the

Enable Full Logging

checkbox.

Note:

Allowing inbound traffic does not mean that the firewall automatically allows this type of

traffic to pass through the firewall to the network. Even if a particular protocol/application type
is allowed, the firewall still checks and blocks all unsolicited traffic from the Internet unless the
firewall is configured to allow the traffic through using an application profile.

Note:

When full logging is enabled, the gateway logs every packet. This will significantly

reduce overall system performance because the log buffer capacity will be reached more
quickly.