
ICMP(all) - Filter
This filter permits the “ping” program to be used, for example to check the availability and accessibility of computers on the Internet and to measure the transfer time of IP packets to these computers. This can be useful, for example, for locating the server with the most rapid response time for Internet games. When you activate this filter you can also reach the router using the “ping” program, but not any computer in the LAN “behind” (i.e. downstream of) the router, as these are protected by NAT. This filter enables all ICMP protocols, and not only those used for “ping”. If necessary you can set further restrictions for this filter by having only ICMP protocols 0 and 8 enabled (echo-request, echo-reply). Overall security is increased when you do not activate this filter, as the firewall cannot be easily located by a simple “ping” from a port scan program.
SSH - Filter
This filter permits the use of the 443 service programme on computers in the Internet by enabling packets to port xxx for outgoing connections and incoming packets from that port to non-privileged ports.
TELNET - Filter
This filter permits the use of the telnet service programme at computers in the Internet by enabling packets to port 23 for outgoing connections and incoming packets from this port to non-privileged ports.
P2P - Filter
This filter allows peer-to-peer (P2P) file sharing software to be used. The following ports are enabled to provide one single filter for the various P2P systems:
Incoming packets:
· from port 80 to non-privileged ports
· from port 1214 to non-privileged ports
· from non-privileged ports to port 80
· from non-privileged ports to non-privileged ports
Outgoing packets:
· from non-privileged ports to port 80
· from non-privileged ports to port 1214
· from non-privileged ports to port 4661
· from non-privileged ports to non-privileged ports
With this filter the firewall is wide open!
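The following is an added example, not part of the original manual: a port-only model of the P2P filter lists above that checks constructed port pairs against the rules and measures how much of the port space the filter lets through. It assumes "non-privileged ports" means 1024-65535 and ignores NAT, protocol and connection state; the function names and sample ports are hypothetical.

```python
# Added example: port-only model of the P2P filter listed above.
# Assumption: "non-privileged ports" means 1024-65535.
UNPRIV = range(1024, 65536)

def port(n):
    """A single port expressed as a one-element range."""
    return range(n, n + 1)

# (source ports, destination ports), copied from the manual's two lists.
P2P_FILTER = {
    "in": [(port(80), UNPRIV), (port(1214), UNPRIV),
           (UNPRIV, port(80)), (UNPRIV, UNPRIV)],
    "out": [(UNPRIV, port(80)), (UNPRIV, port(1214)),
            (UNPRIV, port(4661)), (UNPRIV, UNPRIV)],
}

def permitted(rules, direction, sport, dport):
    """True if any rule for this direction matches the port pair."""
    return any(sport in s and dport in d for s, d in rules[direction])

def reachable_dports(rules, direction, sport):
    """All destination ports a packet sent from `sport` may reach."""
    ports = set()
    for s, d in rules[direction]:
        if sport in s:
            ports.update(d)
    return ports

def coverage(rules, direction):
    """Fraction of all (sport, dport) pairs the filter lets through."""
    sizes = {}  # which-rules-match signature -> count of allowed dports
    allowed = 0
    for sport in range(65536):
        sig = tuple(sport in s for s, _ in rules[direction])
        if sig not in sizes:
            sizes[sig] = len(reachable_dports(rules, direction, sport))
        allowed += sizes[sig]
    return allowed / 65536 ** 2

if __name__ == "__main__":
    # Constructed sample port pairs (source, destination).
    for sport, dport in [(40000, 8080), (40000, 22), (80, 5000)]:
        verdict = "pass" if permitted(P2P_FILTER, "in", sport, dport) else "drop"
        print(f"in  {sport:>5} -> {dport:<5} {verdict}")
    for direction in ("in", "out"):
        print(f"{direction}: {coverage(P2P_FILTER, direction):.1%} of port pairs pass")
```

The last rule in each list dominates: any exchange between two high ports matches, which is what the manual's "wide open" remark refers to.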
Gaming - Filter
Use this filter to play Internet games. The following port enables have been provided:
Incoming packets:
· from port 7002 to non-privileged ports for TCP
· from non-privileged ports to non-privileged ports for UDP
Outgoing packets:
· from port 7002 to non-privileged ports for TCP
· from non-privileged ports to non-privileged ports for UDP
Filter Wizard Configure firewall filters