Netgear FVS338 Reference Manual
Reference Manual for the ProSafe VPN Firewall 50 FVS338
Firewall Protection and Content Filtering
January 2005
– Edit - to make any changes to the rule definition. The Inbound Service screen will be
displayed (see ) with the data for the selected rule.
– Move - to move the selected rule to a new position in the table. You will be prompted
for the new position.
– Delete - to delete the selected rule.
Attack Checks—These check boxes allow you to enable checks for various attacks. Select the
appropriate check box to enable each one.
• VPN Passthrough: Enable this to pass VPN traffic without any filtering. It is used especially
when this box is between two VPN tunnel endpoints.
• Drop fragmented IP packets: Enable this to drop fragmented IP packets.
• UDP Flooding: Enable this to limit the number of UDP sessions created from one LAN
machine.
• TCP Flooding: Enable this to protect the router from SYN flood attacks.
• Enable DNS Proxy: Enable this to allow incoming DNS queries.
• Enable Stealth Mode: Enable this to set the firewall to operate in stealth mode.
Services-Based Rules
The rules to block traffic are based on the traffic’s category of service.
• Inbound rules (port forwarding)—Inbound traffic is normally blocked by the firewall unless
the traffic is in response to a request from the LAN side. The firewall can be configured to
allow this otherwise blocked traffic.
• Outbound rules (service blocking)—Outbound traffic is normally allowed unless the firewall
is configured to disallow it.
• Customized services—Additional services can be added to the list of services in the factory
default list. These added services can then have rules defined for them to either allow or block
that traffic.
• Quality of service (QoS) priorities—Each service has its own native priority that impacts its
quality of performance and tolerance for jitter or delays. You can change this QoS priority if
desired to change the traffic mix through the system.
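
The default behavior described above (outbound allowed unless a rule blocks it, inbound blocked unless it answers a LAN request or an inbound rule allows it) can be modeled in a few lines. This is an added example, not code from the manual or from Netgear. The Rule and Firewall names, the first-match rule order, matching on protocol and port only, and all addresses are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:                      # hypothetical rule record, not the device's format
    direction: str               # "inbound" or "outbound"
    proto: str
    port: int                    # destination port of the service
    action: str                  # "allow" or "block"

class Firewall:
    """Toy model: outbound allowed by default, inbound blocked by default."""
    def __init__(self, rules):
        self.rules = list(rules)   # table order; first match wins (assumption)
        self.sessions = set()      # flows that were opened from the LAN side

    def _match(self, direction, proto, port):
        for r in self.rules:
            if (r.direction, r.proto, r.port) == (direction, proto, port):
                return r.action
        return None                # no rule: fall back to the default policy

    def outbound(self, lan, lan_port, wan, wan_port, proto):
        if self._match("outbound", proto, wan_port) == "block":
            return "block"         # service blocking rule
        self.sessions.add((proto, lan, lan_port, wan, wan_port))
        return "allow"

    def inbound(self, wan, wan_port, lan, lan_port, proto):
        if (proto, lan, lan_port, wan, wan_port) in self.sessions:
            return "allow"         # response to a request from the LAN side
        if self._match("inbound", proto, lan_port) == "allow":
            return "allow"         # inbound (port forwarding) rule
        return "block"             # default for unsolicited inbound traffic

def demo():
    # Constructed sample rules and packets (documentation address ranges).
    fw = Firewall([Rule("inbound", "tcp", 443, "allow"),
                   Rule("outbound", "tcp", 25, "block")])
    lan, web, other = "192.168.1.10", "198.51.100.7", "203.0.113.9"
    return [
        fw.inbound(other, 51000, lan, 22, "tcp"),    # unsolicited, no rule
        fw.outbound(lan, 40000, web, 80, "tcp"),     # default outbound allow
        fw.inbound(web, 80, lan, 40000, "tcp"),      # reply to the request above
        fw.inbound(other, 80, lan, 40000, "tcp"),    # same port, different sender
        fw.inbound(other, 51001, lan, 443, "tcp"),   # matches the inbound rule
        fw.outbound(lan, 40001, web, 25, "tcp"),     # matches the blocking rule
        fw.inbound(web, 25, lan, 40001, "tcp"),      # no session was created
    ]
```

Every inbound allow rule added to the table widens what unsolicited traffic can reach the LAN, so the rule list is the first thing to review when auditing exposure.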