beautypg.com

Asus RX3141 User Manual

Page 63

background image

RX3141 User’s Manual

Chapter 9. Configuring Firewall/NAT Settings

53

Field

Description

Subnet

This option allows you to include all the computers that are connected in an
IP subnet. When this option is selected, the following fields become
available for entry:

Address

Enter the appropriate IP address.

Mask

Enter the corresponding subnet mask.

Self (for self access
rule only)

Indicates the router itself.

Destination IP

This option allows you to set the destination network to which this rule should apply. Use the drop-
down list to select one of the following options:

Any

This option allows you to apply this rule to all the computers in the local
network for inbound traffic or any computer in the Internet for outbound
traffic..

IP Address, Subnet

Select any of these options and enter details as described in the Source IP
section above.

Self (for self access
rule only)

Indicates the router itself.

Domain

In order for this option to work, user’s PC must use RX3141 as its DNS
server. The domain name variable / IP addresses association is cleared
after every system restart. Multiple ACL rules can be associated to the same
domain name / IP addresses association.

f Maximum of 30 domain name variables is supported.
f Each domain name variable / IP addresses association is updated

only when the LAN client issues the DNS query to RX3141. For
example, when entering the address “http://www yahoo.com” on
your browser, RX3141 will update the IP address association w/

www.yahoo.com

in the internal database referenced by the firewall.

f Each domain name variable can be associated up to 256 IP

addresses.

f Wild card character “*” is allowed in the domain name Its usage is

illurstrated in the following examples:

1. www.google.* : match www.google.com and ww.google.net

and does not match www.google.com.tw

2. www.google.*.*:

match www.google.com.tw, and

www.google.com.sg and does not match www.google.com

3. .com.tw : match www.google.com.tw, www.com.tw and does

not match com.tw

4. *.com : match google.com and abc.com and does not match

www.google.com, com

5. *: match any domain name

6. . (a single dot): match any domain name

Source Port

This option allows you to set the source port to which this rule should apply. Use the drop-down list to
select one of the following options:

Any

Select this option if you want this rule to apply to all applications with an