beautypg.com

Custom ip filter rules – Efficient Networks SpeedStream 5100 Series User Manual

Page 38

background image

SpeedStream Router User Guide

30

To disable DMZ:

1. On the Firewall – DMZ Configuration screen, click Disable DMZ.

2. To accept the settings, click Apply.

Custom IP Filter Rules

You can configure the SpeedStream Router firewall to perform IP filtering and stateful inspection of
packets. The firewall supports a rules database to allow sophisticated access tailoring. A network
conversation is first authorized by verifying the packet against the current rules database configured
within the firewall. If the first packet of a conversation is allowed, then a dynamic state engine takes over
and tracks that conversation. All protocols are tracked whether they are stream-based or not; i.e., ICMP,
UDP, TCP, GRE.

The filtering rules database gives you control over the configurable firewall rules. Rules can be filter-
based on any of the following:

Source and destination router interfaces

IP protocols

Direction of traffic flow

Source and destination network/host IP address

Protocol-specific attributes such as ICMP message types

Source and destination port ranges (for protocols that support them), and support for port comparison
operators such as less than, greater than, and equal to.

Rules can specifically allow or deny packets to flow through the router. Default actions taken when no
specific rule applies can also be configured.

Note

You must have previously selected Custom Level in the Firewall - Simple Setup & Control

screen.

Cloning a Rule Definition

You can create a new set of custom IP filter rules from one of the existing preconfigured firewall levels.
(See screenshot on next page.)

To clone an IP filter rule:

1. In the Clone Rules Definitions box, select the firewall level to copy.

2. Click Clone Rule Set. The Rules table refreshes to display the new rules for that level.

3. If you Want to change any of a rule’s criteria, click Edit in the row of that rule, and then complete

steps 1 through 5 as relevant (refer to the following section for detailed instructions.)

This manual is related to the following products:
See also other documents in the category Efficient Networks Hardware: