![CONEL SPECTRE v3 ERT — настройка брандмауэра: управление доступом и фильтрация пакетов [56/136]](/icons/site-icon-64.png){kind=icon}
CONEL SPECTRE v3 ERT — настройка брандмауэра: управление доступом и фильтрация пакетов [56/136]
Превью страниц
Страница 56 /
136
![CONEL SPECTRE v3 ERT [56/136] Firewall configuration](/views2/1190478/page56/bg38.png)
4. CONFIGURATION
4.8 Firewall Configuration
The first security element which incoming packets pass is a check of the enabled source
IP addresses and destination ports. You can specify the IP addresses as an IP address from
which you can remotely access the router and the internal network connected behind a router.
To enable this function, marking the Enable filtering of incoming packets check box located
at the top of the Firewall Configuration page. Accessibility is checked against the IP address
table. This means that access is permitted only to addresses specified in the table. It is pos-
sible to specify up to eight remote IP addresses for access. You can specify the following
parameters:
Item Description
Source IP address from which access to the router is allowed.
Protocol Specifies the protocol used for remote access:
• all – Access for all protocols is active.
• TCP – Access for the TCP protocol is active.
• UDP – Access for the UDP protocol is active.
• ICMP – Access for the ICMP protocol is active.
Target Port The port number on which access to the router is allowed.
Action Specifies the type of action the router performs:
• allow – The router allows the packets to enter the network.
• deny – The router denies the packets from entering the network
Table 31: Filtering of Incoming Packets
The next section of the configuration form specifies the forwarding policy. If you unmark
the Enabled filtering of forwarded packets check box, then packets are automatically accepted.
If you activate this function, and a packet is addressed to another network interface, then the
router sends the packet to the FORWARD chain. When the FORWARD chain accepts the
packet and there is a r ule for forwarding it, the router sends the packet. If a forwarding rule is
unavailable, then the router drops the packet.
This configuration form also contains a table for specifying the filter rules. It is possible
to create a rule to allow data with the selected protocol by specifying only the protocol, or to
create stricter rules by specifying values for source IP addresses, destination IP addresses,
and ports.
47
Содержание
233- Firmware version
- Used symbols
- Gpl licence
- Contents
- Contents
- List of figures
- List of figures
- List of figures
- List of tables
- List of tables
- Standard equipment
- Optional features
- Basic information
- Advantages in relation to v2 concept
- This configuration manual describes
- Configuration options
- Configuration
- Basic information
- Access to the web configuration
- Access to the web conf
- Preventing the domain disagreement message
- Access to the web conf
- Status
- Mobile connection
- General status
- Status
- Primary lan secondary lan tertiary lan wifi
- Peripheral ports
- System information
- Status
- Status
- Mobile wan status
- Status
- Status
- Status
- Wifi scan
- Status
- Status
- Status
- Network status
- Status
- Status
- Dhcp status
- Status
- Ipsec status
- Dyndns status
- System log
- Status
- Status
- Lan configuration
- Lan configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Vrrp configuration
- Vrrp configuration
- Configuration
- Configuration
- Configuration
- Mobile wan configuration
- Mobile wan configuration
- Connection to mobile network
- Configuration
- Configuration
- Dns address configuration
- Dns address configuration
- Configuration
- Check connection to mobile network configuration
- Check connection to mobile network configuration
- Switch between sim cards configuration
- Switch between sim cards configuration
- Data limit configuration
- Data limit configuration
- Configuration
- Configuration
- Pppoe bridge mode configuration
- Pppoe bridge mode configuration
- Configuration
- Configuration
- Configuration
- Pppoe configuration
- Pppoe configuration
- Configuration
- Wifi configuration
- Wifi configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Wlan configuration
- Wlan configuration
- Configuration
- Configuration
- Configuration
- Backup routes
- Configuration
- Firewall configuration
- Firewall configuration
- Configuration
- Configuration
- Example of the firewall configuration
- Configuration
- Configuration
- Nat configuration
- Configuration
- Nat configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Openvpn tunnel configuration
- Openvpn tunnel configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Ipsec tunnel configuration
- Ipsec tunnel configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Gre tunnels configuration
- Gre tunnels configuration
- Configuration
- Configuration
- Configuration
- L2tp tunnel configuration
- L2tp tunnel configuration
- Configuration
- Configuration
- Pptp tunnel configuration
- Pptp tunnel configuration
- Configuration
- Configuration
- Dyndns configuration
- Dyndns configuration
- Configuration
- Ntp configuration
- Ntp configuration
- Configuration
- Snmp configuration
- Snmp configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Smtp configuration
- Smtp configuration
- Configuration
- Configuration
- Sms configuration
- Sms configuration
- Configuration
- Configuration
- Sending sms
- Configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Expansion port configuration
- Expansion port configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Usb port configuration
- Usb port configuration
- Configuration
- Configuration
- Configuration
- Configuration
- Startup script
- Configuration
- Up down script
- Configuration
- Configuration
- Automatic update configuration
- Automatic update configuration
- Configuration
- Customization
- User modules
- Customization
- Administration
- Change profile
- Change profile
- Administration
- Set real time clock
- Change password
- Administration
- Unlock sim card
- Set sms service center address
- Administration
- Restore configuration
- Backup configuration
- Backup configuration
- Administration
- Send sms
- Restore configuration
- Update firmware
- Administration
- Reboot
- Administration
- Configuration in typ situations
- Configuration in typ situations
- Access to the internet from lan
- Configuration in typ situations
- Configuration in typ situations
- Backup access to the internet from lan
- Configuration in typ situations
- Configuration in typ situations
- Configuration in typ situations
- Configuration in typ situations
- Secure networks interconnection or using vpn
- Configuration in typ situations
- Serial gateway
- Configuration in typ situations
- Configuration in typ situations
- Glossary and acronyms
- Glossary and acronyms
- Glossary and acronyms
- Glossary and acronyms
- Glossary and acronyms
- Recommended literature
Похожие устройства
-
CONEL CGU 04iИнструкция по эксплуатации -
CONEL CDX 800Инструкция по эксплуатации -
CONEL CDA 70Технические характеристики -
CONEL CDA 70Инструкция по эксплуатации -
CONEL XR5i v2EРуководство по конфигурации -
CONEL XR5i v2EТехнические характеристики -
CONEL XR5i v2EРуководство по подключению -
CONEL XR5i v2EИнструкция по эксплуатации
-
CONEL XR5i v2FТехнические характеристики
-
CONEL XR5i v2FРуководство по конфигурации
-
CONEL XR5i v2FИнструкция по эксплуатации
-
CONEL CR10 v2Руководство по подключению
Изучите, как настроить брандмауэр для управления доступом к роутеру и фильтрации входящих пакетов. Узнайте о параметрах IP-адресов и протоколов.
