Intel 9515 Benutzerhandbuch
DMZ Firewall Solution for the Express Router
07-12-99 Version
1.0
15
Filter
Function
Settings
Dest. address:
10.2.0.2
Dest. port
> 1023
Src. address type:
All
Src. port:
> 1023
9
Allows DNS reply to the HTTP/FTP
proxy server on the DMZ.
proxy server on the DMZ.
Two filters are required.
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
Host
Dest. address:
10.2.0.2
Dest. port
> 1023
Src. address type:
Host
Src. address:
194.25.6.4
Src. port:
= 53
10
Action:
Pass
Protocol:
UDP
Dest. address type:
Host
Dest. address:
10.2.0.2
Dest. port
> 1023
Src. address type:
Host
Src. address:
194.25.6.4
Src. port:
= 53
11
Allows DNS reply to the SMTP server
on the DMZ.
on the DMZ.
Two filters are required.
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
Host
Dest. address:
10.2.0.3
Dest. port
> 1023
Src. address type:
Host
Src. address:
194.25.6.4
Src. port:
= 53
12
Action:
Pass
Protocol:
UDP
Dest. address type:
Host
Dest. address:
10.2.0.3
Dest. port
> 1023
Src. address type:
Host
Src. address:
194.25.6.4
Src. port:
= 53
13
Allows incoming mail (SMTP) from
any host on the Internet to the DMZ.
any host on the Internet to the DMZ.
Action:
Pass
Protocol:
TCP
TCP flags:
All
Dest. address type:
Host
Dest. address:
10.2.0.3
Dest. port
= 25
Src. address type:
All
Src. port:
> 1023
14
Allows outgoing mail (SMTP) to any
host on the Internet from the DMZ.
host on the Internet from the DMZ.
Action:
Pass
Protocol:
TCP
TCP flags:
ACK