Intel 9515 Manual Do Utilizador
DMZ Firewall Solution for the Express Router
07-12-99 Version
1.0
14
Filter
Function
Settings
2
Allows FTP (both active and passive)
from the Internet to the HTTP/FTP
server on the DMZ.
from the Internet to the HTTP/FTP
server on the DMZ.
Three filters are required.
Action:
Pass
Protocol:
TCP
TCP flags:
All
Dest. address type:
Host
Dest. address:
10.2.0.1
Dest. port:
= 21
Src. address type:
All
Src. port:
> 1023
3
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
Host
Dest. address:
10.2.0.1
Dest. port:
= 20
Src. address type:
All
Src. port:
> 1023
4
Action:
Pass
Protocol:
TCP
TCP flags:
All
Dest. address type:
Host
Dest. address:
10.2.0.1
Dest. port:
>1023
Src. address type:
All
Src. port:
>1023
5
Allows external ping to HTTP/FTP
server on the DMZ.
server on the DMZ.
Action:
Pass
Protocol:
ICMP
Dest. address type:
Host
Dest. address:
10.2.0.1
Src. address type:
All
6
Allows external HTTP from HTTP/FTP
proxy on the DMZ.
proxy on the DMZ.
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
Host
Dest. address:
10.2.0.2
Dest. port
> 1023
Src. address type:
All
Src. port:
= 80
7
Allows external FTP from the
HTTP/FTP proxy server on the DMZ
(see note 1).
HTTP/FTP proxy server on the DMZ
(see note 1).
Two filters are required.
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
Host
Dest. address:
10.2.0.2
Dest. port
> 1023
Src. address type:
All
Src. port:
= 21
8
Action:
Pass
Protocol:
TCP
TCP flags:
ACK
Dest. address type:
Host