Access Control Rule - LevelOne WGR-2301 User Manual

12.2.1 Access Control Rule

Configuring access control policies on the device can monitor each packet flowing through the
device. By default, the device is not configured with access control policies, and it will forward all
the legitimate packets received. If the access control policy is configured, when the device
receives a packet, it will extract the source MAC address, source address, destination address,
upper-layer protocol, port number or the packet content for analysis, and assign them according to
the order of the policy table from top to bottom, view any matching policy, and implement the
action defined by the first policy: forwarding or discarding. And it will no longer compare the rest
of the policies.
You can specify the filter type for access control policy by setting the "Filter type". The device
offers four filter types: IP filtering, URL filtering, keyword filtering and DNS filtering.
1. IP filtering
IP filtering refers to filtering of packet header information, such as source and destination IP
addresses. If the protocol field encapsulation protocol in the IP header is TCP or UDP, then filter
again according to the TCP header information (source port and destination port) or UDP header
information (source port and destination port).
When filter type is IP filtering, the filtering conditions available for setting include: Source
address, destination IP address, protocol, source port, destination port, action and effective time,
etc.
2. URL filtering
URL filtering refers to filtering of URL websites. Filtering according to the keywords in the URL
not only can control the Intranet users in access to a site, but also can control user access to the
web pages.
When the filter type is URL filtering, the filtering conditions available for setting include: source
address, filtering content (refer to URL address), actions, and effective time.
3. Keyword filtering
Keyword filtering refers to keyword filtering in the HTML pages (web pages), which means if you
have made a comment (such as pornography, the Falun Gong, gambling, etc.), the comment will
not be submitted successfully.
When the filter type is keyword filtering, the filtering conditions available for setting include:
source address, filtering content (refers to the keywords on a web page) and the effective time.
4. DNS filtering
DNS filtering refers to filtering of domain names, which is made according to the keywords in the
http://www.level1.com
Chapter 12 VPN
Page 127