Intel 9515 Benutzerhandbuch
DMZ Firewall Solution for the Express Router
07-12-99 Version
1.0
9
Filter
Function
Settings
Src. address:
10.2.0.2
Src. port:
= 80
2
Allows FTP (only passive connections)
from secure LAN to the FTP proxy
server on the DMZ (see note 1).
from secure LAN to the FTP proxy
server on the DMZ (see note 1).
Two filters are required.
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
All
Dest. port:
>1023
Src. address type:
Host
Src. address:
10.2.0.2
Src. port:
= 21
3
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
All
Dest. port:
>1023
Src. address type:
Host
Src. address:
10.2.0.2
Src. port:
>1023
4
Allows incoming mail (SMTP) from
DMZ to secure LAN.
DMZ to secure LAN.
Action:
Pass
Protocol:
TCP
TCP flags:
All
Dest. address type:
Host
Dest. address:
10.5.0.1
Dest. port:
= 25
Src. address type:
Host
Src. address:
10.2.0.3
Src. port:
> 1023
5
Allows outgoing mail (SMTP) from
secure LAN to DMZ.
secure LAN to DMZ.
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
Host
Dest. address:
10.5.0.1
Dest. port:
> 1023
Src. address type:
Host
Src. address:
10.2.0.3
Src. port:
= 25
6
Allows incoming News (NNTP) from
DMZ to secure LAN (see note 2).
DMZ to secure LAN (see note 2).
Action:
Pass
Protocol:
TCP
TCP flags:
All
Dest. address type:
Host
Dest. address:
10.5.0.2
Dest. port:
= 119
Src. address type:
Host
Src. address:
10.2.0.4
Src. port:
> 1023
7
Allows outgoing News (NTTP) to DMZ
from secure LAN.
from secure LAN.
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
Host