Intel 9515 Benutzerhandbuch
DMZ Firewall Solution for the Express Router
07-12-99 Version
1.0
20
Filter
Function
Settings
Src. port:
= 80
2
Allows FTP (only passive connections)
from secure LAN to the FTP proxy
server on the DMZ (see note 1).
from secure LAN to the FTP proxy
server on the DMZ (see note 1).
Two filters are required.
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
All
Dest port:
>1023
Src. address type:
Host
Src. address:
193.84.251.2
Src. port:
= 21
3
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
All
Dest. port:
> 1023
Src. address type:
Host
Src. address:
193.84.251.2
Src. port:
> 1023
4
Allows incoming mail (SMTP) from
DMZ to the secure LAN.
DMZ to the secure LAN.
Action:
Pass
Protocol:
TCP
TCP flags:
All
Dest. address type:
Host
Dest. address:
10.1.0.1
Dest. port:
25
Src. address type:
Host
Src. address:
193.84.251.3
Src. port:
> 1023
5
Allows outgoing mail (SMTP) from
secure LAN to the DMZ.
secure LAN to the DMZ.
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
Host
Dest. address:
10.1.0.1
Dest. port:
> 1023
Src. address type:
Host
Src. address:
193.84.251.3
Src. port:
25
6
Allows incoming News (NNTP) from
the DMZ to the secure LAN (see note
2).
the DMZ to the secure LAN (see note
2).
Action:
Pass
Protocol:
TCP
TCP flags:
All
Dest. address type:
Host
Dest. address:
10.1.0.2
Dest. port:
119
Src. address type:
Host
Src. address:
193.84.251.4
Src. port:
> 1023
7
Allows outgoing News (NNTP) to
DMZ from secure LAN.
DMZ from secure LAN.
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
Host
Dest. address:
10.1.0.2