ZyXEL p-660h-61 Betriebsanweisung
Prestige 660H Series User’s Guide
Creating Custom Rules
12-5
Table 12-1 Firewall Rules Summary: First Screen
LABEL DESCRIPTION
Log
This field shows you if a log is created for packets that match the rule (Match), don't
match the rule (Not Match), both (Both) or no log is created (None).
match the rule (Not Match), both (Both) or no log is created (None).
Rules Reorder
You may reorder your rules using this function. Use the drop-down list box to select the
number of the rule you want to move. The ordering of your rules is important as rules
are applied in turn.
number of the rule you want to move. The ordering of your rules is important as rules
are applied in turn.
To Rule Number
Use the drop-down list box to select to where you want to move the rule.
Move
Click Move to move the rule.
Back
Click Back to return to the previous screen.
Apply
Click Apply to save your changes back to the Prestige.
Cancel
Click Cancel to return to the previously saved settings.
12.5 Predefined Services
The Available Services list box in the Edit Rule screen (see Figure 12-4) displays all predefined
services that the Prestige already supports. Next to the name of the service, two fields appear in
brackets. The first field indicates the IP protocol type (TCP, UDP, or ICMP). The second field
indicates the IP port number that defines the service. (Note that there may be more than one IP
protocol type. For example, look at the default configuration labeled “(DNS)”.
services that the Prestige already supports. Next to the name of the service, two fields appear in
brackets. The first field indicates the IP protocol type (TCP, UDP, or ICMP). The second field
indicates the IP port number that defines the service. (Note that there may be more than one IP
protocol type. For example, look at the default configuration labeled “(DNS)”.
(UDP/TCP:53)
means
UDP port 53 and TCP port 53. Up to 128 entries are supported. Custom services may also be
configured using the Custom Ports function discussed later.
configured using the Custom Ports function discussed later.
Table 12-2 Predefined Services
SERVICE DESCRIPTION
AIM/NEW_ICQ(TCP:5190)
AOL’s Internet Messenger service, used as a listening port by ICQ.
AUTH(TCP:113) Authentication protocol used by some servers.
BGP(TCP:179)
Border Gateway Protocol.
BOOTP_CLIENT(UDP:68)
DHCP Client.
BOOTP_SERVER(UDP:67)
DHCP Server.
CU-SEEME(TCP/UDP:7648,
24032)
24032)
A popular videoconferencing solution from White Pines Software.
DNS(UDP/TCP:53)
Domain Name Server, a service that matches web names (e.g.
FINGER(TCP:79)
Finger is a UNIX or Internet related command that can be used to find out if
a user is logged on.
a user is logged on.
FTP(TCP:20.21)
File Transfer Program, a program to enable fast transfer of files, including
large files that may not be possible by e-mail.
large files that may not be possible by e-mail.
H.323(TCP:1720)
Net Meeting uses this protocol.
HTTP(TCP:80)
Hyper Text Transfer Protocol - a client/server protocol for the world wide
web.
web.
HTTPS
HTTPS is a secured http session often used in e-commerce.
ICQ(UDP:4000)
This is a popular Internet chat program.
IPSEC TRANSPORT/TUNN
The IPSEC AH (Authentication Header) tunneling protocol uses this