Manualsbrain.com
  1. Manuels
  2. Marques
  3. ZyXEL
  4. p-334wh
  5. Mode D'Emploi

ZyXEL p-334wh Mode D'Emploi

Télécharger
Page de 289
P-334WH User’s Guide
140 
Chapter 12 Firewall
Do not respond to 
requests for 
unauthorized 
services
Select this option to prevent hackers from finding the ZyXEL Device by probing for 
unused ports. If you select this option, the ZyXEL Device will not respond to port 
request(s) for unused ports, thus leaving the unused ports and the ZyXEL Device 
unseen. By default this option is not selected and the ZyXEL Device will reply with 
an ICMP Port Unreachable packet for a port probe on its unused UDP ports, and a 
TCP Reset packet for a port probe on its unused TCP ports. 
Note that the probing packets must first traverse the ZyXEL Device's firewall 
mechanism before reaching this anti-probing mechanism. Therefore if the firewall 
mechanism blocks a probing packet, the ZyXEL Device reacts based on the 
firewall policy, which by default, is to send a TCP reset packet for a blocked TCP 
packet. You can use the command "sys firewall tcprst rst [on|off]" to change this 
policy. When the firewall mechanism blocks a UDP packet, it drops the packet 
without sending a response packet.
Enable Services 
Blocking
Select this check box to enable this feature.
Available Services This is a list of pre-defined services (ports) you may prohibit your LAN computers 
from using. Select the port you want to block using the drop-down list and click 
Add to add the port to the Blocked Services field.
Blocked Services
This is a list of services (ports) that will be inaccessible to computers on your LAN 
once you enable service blocking. 
Custom Port
A custom port is a service that is not available in the pre-defined Available 
Services list and you must define using the next two fields.
Type
Choose the IP port (TCP or UDP) that defines your customized port from the drop 
down list box.
Port Number
Enter the port number range that defines the service. For example, if you want to 
define the Gnutella service, then select TCP type and enter a port range from 6345 
to 6349.
Add
Select a service from the Available Services drop-down list and then click Add to 
add a service to the Blocked Services
Delete
Select a service from the Blocked Services list and then click Delete to remove 
this service from the list.
Clear All
Click Clear All to empty the Blocked Services.
Day to Block:
Select a check box to configure which days of the week (or everyday) you want 
service blocking to be active. 
Time of Day to 
Block (24-Hour 
Format)
Select the time of day you want service blocking to take effect. Configure blocking 
to take effect all day by selecting All Day. You can also configure specific times by 
selecting From and entering the start time in the Start (hour) and Start (min) 
fields and the end time in the End (hour) and End (min) fields. Enter times in 24-
hour format, for example, "3:00pm" should be entered as "15:00".
Bypass Triangle 
Route
Select this check box to have the ZyXEL Device firewall ignore the use of triangle 
route topology on the network. 
Max NAT/Firewall 
Session Per User
Type a number ranging from 1 to 2048 to limit the number of NAT/firewall sessions 
that a host can create.
Apply
Click Apply to save the settings. 
Reset
Click Reset to start configuring this screen again. 
Table 54   Firewall Services
LABEL
DESCRIPTION