Confi gure > firewall 4.32 – Westermo MR Series User Manual

109

6622-3201

Web Interface and Command Line Reference Guide

www.westermo.com

Confi gure > Firewall

4.32

All models in the MR and DR range incorporate a comprehensive firewall facility. A firewall is a
security sys tem that is used to restrict the type of traffic that the router will transmit or receive,
based on a combi nation of IP address, service type, protocol type, IP flags, etc. Firewalls are used to
minimise the risk of unauthorised access to your local network resources by external users or to
restrict the range of external resources to which local users have access. A more detailed descrip-
tion of how firewalls oper ate on MR and DR routers is given in the “Firewall Scripts” section. If you
intend to implement a firewall you should refer to that section first.

The rules governing the operation of the firewall are contained in a pseudo-file called “FW.TXT”.
This file can be created either by using the controls on the Configure > Firewall web page, or
by using a text editor on your PC and then loading the resulting file into the unit (using FTP or
XMODEM).

Using the Web Page(s)

If you have not yet created a file called “FW.TXT” on the unit, the Configure > Firewall page will
ini tially contain a blank script with a button labelled Insert to the right. If you have created the file it
will be displayed in the top section of the screen with line numbers at the left and a series of but-
tons at the right that allow you to delete, edit or insert lines.

At the bottom of the screen are three more buttons labelled Reset, Save and Restore.

To create a new rule directly on the web page click on the Insert button at the right of the screen.
If there are already one or more lines in the file, there will be two Insert buttons, one next to the
line (which inserts a new line above the current line) and one on the line below (which inserts a
new line below the current line).

In either case a new text box will be created into which you can type the new rule. When you have
finished typing the rule press the OK button to add it to the file or Cancel to abandon the changes.
The unit will validate the rule and if it is valid it will add it to the file. If errors are detected it will
display a warning message with an indication of the error and you may then choose to edit the line
or delete it.

To edit an existing rule click on the Edit button to the right of the rule and then on OK or Cancel
when you have completed the changes.

To delete an existing line click on the Delete button to the right of it.

When you have completed your editing session, click on the Save button at the bottom of the
screen to copy it back to the “FW.TXT” pseudo-file. If you do not save the file any changes you
have made will be lost when the power is removed or the unit is rebooted.

If you wish to cancel all changes you have made during an editing session and you have not yet
saved them, you may click on the Restore button. This will copy the “FW.TXT” file to the screen.

The third button at the bottom of the screen labelled Reset Hit Counters allows you to zero the
rule hit counters shown at the left of each rule.

Current Interface Firewall Status:

This section of the page provides a list of interfaces on which the firewall may be enabled and
an indication of whether the firewall is currently “On” or “Off” for each interface. By clicking
on the name of the interface you can jump to the appropriate configuration page to change the
setting if necessary.