Firewall rules ?

Discussion in 'Hardware' started by Vision Master, Jun 4, 2003.

  1. Vision Master

    Vision Master Private E-2

    Hi I need some help setting up my firewall on my router. It is a DI-614+ What goes in the source and destination IP range start and IP range end boxes? Does it want my Lan IP address or my Wan IP address or my default gateway address or a combo of these. Also What should go into the protocol port range? Sorry for the long post ,I am new to this network stuff and the manuel that came with this router is not very clear on how to set it up. I have attched a screen shot of the setup screen.
    Thanks
     

    Attached Files:

  2. Draith

    Draith Private E-2

    hey vision master,

    unfortunately I can't help you with everything dealing with your firewall, but i can help a bit. I'm also pretty positive that someone else out here can elaborate further and give better description (correct my errors, and anything i miss). Disclaimer aside, here's what i see:

    First off, this page is for Firewall Rules - meaning individual things for your firewall to look for and either allow or deny, mainly connections from outside your network or inside your network.

    From what i see, in order to write your own rules for the firewall, you need to first enable the option (at the top of the page) and then you can begin writing each rules - giving them descriptive names and setting them either as a rule for allowing this kind of access, or denying.

    Now i'm going to guess that the source and destination IPs are rather arbitrary in whether they're within your LAN or on the WAN (btw, you may claim to be new, but most people newer than you would not even know the idea of WAN - aka usually the internet). The main rule between source and destination IPs would be that they would be that one would be a LAN IP and the other a WAN IP - although I can probably see both being LAN IPs in certain cases. None the less, which boxes you place the addresses in determines if the firewall will be listening for outgoing connections or incoming connections.

    The IP range refers to ... well ... the range of IP addresses that the rule will look for. This is useful because you may want to filter out the IP addresses coming from an individual domain. These could be a singular IP address for a small domain - and there for the two entries for the range would be the same; or there could be a set of IP addresses for a larger domain. Since IP addresses are read from left to right, the range would occur in the last set of numbers (look for varification - i'm no massive expert in networking :) ).

    One thing I would be curious in seeing, that i can't tell from your graphic, is what options are given underneath the heading "Interface". Please get back to us on that.

    Now the protocol listing helps determine the protocols that will be listened for in this rule, these can include:
    TCP - the standard data transfer connection (Transmission Control Protocol)
    UDP - a datagram protocol for finding out data on a site
    ICMP - Internet Control Message Protocol (essentially for testing the line of communication between computers, error control, etc..)

    The port range lists what ports to listen for. Ports are the "virtual" sockets on a computer where specific programs listen for other programs. Some common ports and their uses would be:
    httpd - port 80 - probably most commonly used. for web servers
    ftpd - port 21 - for the file transfer protocol. ftp servers tend to listen at this port
    smtp - port 25 - the sendmail program for sending out emails from a server
    For a further list, check out:
    [url]http://www.wemanageservers.com/monitoring/port_monitoring/common_ports/common_ports.html[/URL]

    The Schedule option tells the rule when it should use this rule. Always means it will always check for when this rule occurs. Setting a time for the rule, means it will only check for when this rule occurs at those set times, the rest of the time it won't be on and the connection will do what it normally does without the rule.

    Hope this helps clear things up. Hope others will clear up what i said ;)

    ciao!
    o Draith
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds