Table of Contents
Advertisement
17 Security Services - Firewalling
AST570 Firewall hooks
AST570 Firewall
streams
220 / 300
The following hooks, or PIPs can be determined (See Firewall
model):
Input : The point of all incoming traffic
"
At this point it can be determined whether the packet is
allowed to reach the AST570 IP router, or the local host.
Sink : The point of all traffic destined to the AST570 IP router
"
At this point it can be determined whether the packet is
allowed to address the local host.
Forward : The point of all traffic to be forwarded by the
"
AST570
At this point it can be determined whether the packet is
allowed to be handled, i.e. routed, by the AST570 IP router.
Source : The point of all traffic sourced by the AST570 IP
"
router
At this point it can be determined whether the packet is
allowed to leave the local host.
Output : The point of all outgoing traffic
"
At this point it can be determined whether the packet is
allowed to leave the AST570 IP router or local host.
The following streams (See Firewall model) can run through the
PIPs:
(1) Input -> Sink
"
to the AST570
(2) Source-> Output
"
exclusively by the AST570 itself
(3) Input -> Forward -> Output
"
sourced by the WAN, forwarded towards the local network or
vice versa.
: The flow of packets exclusively destined
: The flow of packets sourced
: The flow of packets
3EC 17766 AAAA TCZZA Ed. 04
Advertisement
Table of Contents
