Справочник Пользователя для ASUS rx3041h
RX3041H User’s Manual
Chapter 9. Configuring Firewall/NAT Settings
69
9.8.1
Configuring Application Filter
Application filter allows network administrator to block, monitor, and report on network users’ access to non-
business and objectionable content. This high-performance content access control results in increased
productivity, lower bandwidth usage and reduced legal liability.
business and objectionable content. This high-performance content access control results in increased
productivity, lower bandwidth usage and reduced legal liability.
The RX3041H has the ability to handle active content filtering on certain application protocols such as HTTP,
FTP, SMTP and RPC.
FTP, SMTP and RPC.
HTTP – You can define HTTP extension based filtering schemes for blocking
ActiveX – *.ocx
Java Archive – *.jar
Java Applets – *.class
Microsoft Archives – *.msar
Other URLs based on file extensions.
FTP – allows you to define and enforce the file transfer policy for the site or group of users
SMTP – allows you to filter operations such as VRFY, EXPN, etc. which reveal excess information
SMTP – allows you to filter operations such as VRFY, EXPN, etc. which reveal excess information
about the recipient.
RPC – allows you to filter programs based on the assigned RPC program numbers.
9.8.1.1
Application Filter Configuration Parameters
Table 9.6 describes the configuration parameters available for application filter.
Table 9.6. Application Filter Configuration Parameters
Field
Description
Filter Type
Select the type of filter: FTP, HTTP, RPC and SMTP.
Filter Name
Enter a name for the filter.
Protocol
Select the protocol that Application Filter uses (TCP/UDP).
Port
Enter the port number that the Application Filter uses.
Log
This option includes buttons to enable and disable logging for this Application Filter.
Enable
Select this option to enable logging for this application filter.
Disable
Select this option to disable logging for this application filter.
Action
Allow
Select this option to configure the rule as an “allow” rule. This rule when
bound to the Firewall will allow matching packets to pass through.
bound to the Firewall will allow matching packets to pass through.
Deny
Select this option to configure the rule as a “deny” rule. This rule when
bound to the Firewall will not allow matching packets to pass through.
bound to the Firewall will not allow matching packets to pass through.
Filter Commands
This section allows you to enter a command for the respective application. The list of supported
commands per application is as follows:
commands per application is as follows:
FTP Commands
Add the following command to an FTP filter to:
CWD
Allow or deny of change directory.
LIST
Allow or deny of Listing of files/directory.
MKD
Allow or deny of Creating a directory.
NLST
Allow Short listing of directory contents.