Netgear fvs114 사용자 설명서
Reference Manual for the ProSafe VPN Firewall FVS114
4-6
Firewall Protection and Content Filtering
202-10098-01, April 2005
–
Block non-standard packets — Abnormal packets are often used by hackers and in DoS
attacks, but may also be generated by other network devices. This setting should normally
be enabled.
attacks, but may also be generated by other network devices. This setting should normally
be enabled.
–
Enable DNS proxy — DNS proxy will forward DNS queries to the DNS. If the DNS
proxy is disabled, the Router will ignore DNS queries it receives. PCs will then need to
contact the DNS directly. This setting should normally be enabled.
proxy is disabled, the Router will ignore DNS queries it receives. PCs will then need to
contact the DNS directly. This setting should normally be enabled.
Inbound Rules (Port Forwarding)
Because the FVS114 uses Network Address Translation (NAT), your network presents only one IP
address to the Internet, and outside users cannot directly address any of your local computers.
However, by defining an inbound rule you can make a local server (for example, a Web server or
game server) visible and available to the Internet. The rule tells the firewall to direct inbound
traffic for a particular service to one local server based on the destination port number. This is also
known as port forwarding.
address to the Internet, and outside users cannot directly address any of your local computers.
However, by defining an inbound rule you can make a local server (for example, a Web server or
game server) visible and available to the Internet. The rule tells the firewall to direct inbound
traffic for a particular service to one local server based on the destination port number. This is also
known as port forwarding.
Remember that allowing inbound services opens holes in your FVS114 VPN Firewall. Only
enable those ports that are necessary for your network. Following are two application examples of
inbound rules:
enable those ports that are necessary for your network. Following are two application examples of
inbound rules:
Inbound Rule Example: A Local Public Web Server
If you host a public Web server on your local network, you can define a rule to allow inbound Web
(HTTP) requests from any outside IP address to the IP address of your Web server at any time of
day. This rule is shown in
(HTTP) requests from any outside IP address to the IP address of your Web server at any time of
day. This rule is shown in
:
Note:
Some residential broadband ISP accounts do not allow you to run any server
processes (such as a Web or FTP server) from your location. Your ISP may periodically
check for servers and may suspend your account if it discovers any active services at
your location. If you are unsure, refer to the Acceptable Use Policy of your ISP.
check for servers and may suspend your account if it discovers any active services at
your location. If you are unsure, refer to the Acceptable Use Policy of your ISP.