An approach to using filters – ARRIS 2247-N8-10NA (v9.1.x) User Manual User Manual
Page 91

Motorola 2247-N8 DSL Wi-Fi Gateway User Guide
Please visit
www.motorola.com/us/support
for FAQs and additional product documentation.
91
Consider the combined effect of the rules. Because packets that don't match any rule are implicitly allowed, you may want to consider adding
a catch-all rule as your final rule that exhibits the desired behavior for otherwise-unmatched packets. Be careful that you don't preclude nec-
essary traffic. (Since packet filters only apply to packets traveling through the 2247-N8, and not to it, you need not worry that you will lock
yourself out from being able to re-configure the device via a Web browser.)
An approach to using filters
The ultimate goal of network security is to prevent unauthorized access to the network without compromising authorized access. Using the packet fil-
ter is part of reaching that goal.
Each rule you design will be based on one of the following approaches:
That which is not expressly prohibited is permitted.
That which is not expressly permitted is prohibited.
It is strongly recommended that you take the latter, and safer, approach to all of your rule designs. If you do so, you should create a catch-all rule as
your final rule.
How to -
control packet filter operation:
Open the
Firewall > Packet Filter
page.
The 2247-N8 Packet Filter is enabled by default, but it does not have any custom packet filter rules applied. The Packet Filter system may be
enabled or disabled (turned on or off) by clicking the
Disable Packet Filters
/
Enable Packet Filters
button on the Firewall > Packet Filter page.
How to -
add and create packet filter rules:
Open the
Firewall > Packet Filter
page.
1. Click on the type of packet filtering rule you wish to create:
Click
Add a Pass Rule
to create a new rule that expressly permits a packet that meets the rules criteria
Click
Add a Drop Rule
to make a new filter rule that blocks a packet that meets the rules criteria.