Configuring security
Use firewall scripts
A firewall is a protection and packet filtering system that allows or prevents the transmission of data
(in either direction) based on a set of rules. The firewall protects your local area network from
unauthorized external access by other users of the Internet or another wide area network.
Firewall rules allow filtering based on the following criteria:
- Source and destination IP addresses
- Source and destination IP port or port ranges
- Type of protocol in use
- Direction of the data (in or out)
- Interface type
- The eroute the packet is on
- Whether an interface is OOS (out of service)
- ICMP message type
- TCP flags (SYN, ACK, URG, RESET, PUSH, FIN)
- A type of service (TOS) identifier
- Status of a link and/or data packets on UDP/TCP and ICMP protocols
A firewall can also limit the degree of access local users have to external network resources.
A firewall does not provide a complete security solution; it provides only one element of a fully secure
system. Consider using additional security methods, such as user authentication and data encryption.
See Configure Internet Protocol security (IPsec) for further information.
Besides providing comprehensive filtering facilities, Digi TransPort routers support rules relating to
the logging of information for audit/debugging purposes. You can log this information to a pseudo-file
on the router called fwlog.txt, the eventlog.txt pseudo-file, or to a syslog server, and you can also use
it to generate SNMP traps.
Digi TransPort® Routers User Guide