Table of Contents
Advertisement
Option
Name
Type
Trigger Port
Target Port
Interval
IP Replacement
Allow sessions initiated from/to the
3
host
rd
Configuring URL Blocking
Using the URL Blocking menu, you can configure your Gateway to block access to certain
Web sites from local computers by entering either a full URL address or keywords of the
Web site. Your Gateway examines all the HTTP packets to block the access to those
particular sites. This feature can be used to protect children from accessing inappropriate
Web sites. You can block up to 50 sites.
Using URL blocking, you can also make up to 10 computers exempt from URL blocking and
have full access to all Web sites at any time.
To display the URL Blocking menu, click Firewall in the menu bar and then click the URL
Blocking submenu. Figure 28 shows an example of the menu.
Note: The Gateway provides a Schedule Rules feature that lets you configure URL blocking
for certain days, if desired. For more information, see "Configuring Schedule Rules" on page
52.
Configuring Your Gateway
Table 13. Trigger Menu Options
Name for identifying the trigger. The name is for reference purposes only.
The type of protocol you want to use with the trigger. Choices are TCP and UDP. Default is
TCP. For example, to track the H.323 protocol, the protocol type should be TCP.
From and To port ranges of the special application. For example, to track H.323 protocol, the
From and To ports should be 1720.
From and To port ranges for the target port listening for the special application.
Specify the interval between 50 and 30000 between two continuous sessions. If the interval
exceeds this time interval setting, the sessions are considered to be unrelated.
Select the IP replacement according to the application. Some applications embed the source
host's IP in the datagram and normal NAT would not translate the IP address in the datagram.
To make sure the network address translation is complete, IP replacement is necessary for
these special applications, such as H.323.
Decide whether the sessions can start from/to a third host. To prevent hacker attacks from a
3rd host, this feature usually is not allowed. However, for some special applications, such as
MGCP in a VOIP application, a session initiated from a third host is permitted. For example,
assume Client A is trying to make a phone call to a host B. Client A tries to communicate with
the Media Gateway Controller (MGC) first and provides host B's number to the MGC. Then
MGC checks its own database to find B and communicate with B to provide B the information
about A. B uses this information to communicate directly to A. So initially, A is talking to MGC,
but the final step has B initiating a session to A. If the 3rd-host-initiated session is not allowed
in this example, the whole communication fails.
50
SMCD3G Cable Modem Gateway User Manual
Description
Advertisement
Table of Contents
