Table of Contents
Advertisement
Firewall treatments
SpeedTouch™610
Packet Firewall
Configuration
E-SIT-CTC-20030306-0004 v2.0
Once a packet is intercepted in a hook, and a (first) rule is found to be applicable (i.e.
matches against at least one of the criteria defined in this rule), the SpeedTouch™610
firewall is able to:
•
Accept the packet
I.e. submit it to the next processing stage without further action.
•
Deny the packet
I.e. no submission is done and a message is sent to the sender that the packet
could not be delivered.
•
Drop the packet
I.e. no submission is done; the packet is silently discarded
•
Count the packet for statistical use (no further action is done on the packet)
Link the packet to another chain of hooks, i.e. for parsing another defined chain, if the
specific rule applies.
The SpeedTouch™610 packet firewall is by default configured to:
•
Drop all traffic migrating from WAN to WAN
•
Drop all traffic from the SpeedTouch™610 to the WAN, except DNS
•
Allow all traffic from SpeedTouch™610 to LAN, and vice versa
•
Allow all traffic from LAN to WAN, and vice versa
•
Allow all traffic from a remote LAN to local LAN, and vice versa.
•
You can create other, or additional chains with rules, specific for your needs via
the CLI.
4 SpeedTouch™610 Advanced Concepts
67
Advertisement
Table of Contents
