- System Info
- Broadband
- LAN
- Firewall
- Logs
- Diagnostics
This Page allows addition and removal of user defined Firewall rules. Firewall rules can either govern traffic coming into the gateway from the internet ("Input" rules) or traffic leaving devices connected to the gateway and destined out ("Output" rules). The rules can be "Allow" or "Deny", which either permit or deny specific traffic to flow through the gateway. Note that this page allows you to create packet filters to devices on the LAN or the Additional Network but not pinholes to NATed clients. To create pinholes, you must go to the Settings -> Firewall -> Applications, Pinholes and DMZ page.
To create a new rule, click on the '+' symbol on the bottom left of the dialog. This adds a new empty rule. Start by choosing whether it is an input or output rule. You must specify the source and destination IP addresses (IPv4 or IPv6 address). In order to do this you can enter an IP address (e.g. 10.37.42.0/24) or use the dropdown to select one of the machines on the local LAN or choose "Any IPv4 address," or "Any IPv6 address" (excluding DMZ+ and pinhole assigned addresses).You may then specify the protocol, destination port range and action ("Allow" or "Deny").
Protocol can be entered by number or by name. If entered by number it must be in the range of 1 to 143 inclusive. If entered by name, it must be one of "all" (or "any"), "ip", "icmp", "igmp", "ggp", "ipencap", "st", "tcp", "egp", "pup", "udp", "hmp", "xns-idp", "rdp", "iso-tp4", "xtp", "ddp", "idpr-cmtp", "ipv6", "esp", "ah", "rspf", "vmtp", "ospf", "ipip", "encap", "sctp", or "udplite".
Destination port range is optional (no source port range restriction applies). The left field is used to select the starting destination port range and the right field is used to select the ending destination port range.
Port specification is meaningful only for TCP and UDP protocols.
To add a rule, click on the Plus icon below the rules.
To delete a rule, click on the Delete on right side of a rule and then click on the Save Button at the bottom of the rules.
To modify a rule, change the values on an existing line, or alter the location of the rule in the rule set using the Up and Down buttons on the right of the entry, and click on the Save Button at the bottom of the rules.
Rules can be disabled such that they remain in the page but are not applied to traffic on the device. Use the "Disable" checkbox to do this.
Rules found to have invalid data will have the invalid data replaced with "###".