Order Of Precedence For Rules; Rules Menu Options - NETGEAR FWG114Pv2 - Wireless Firewall With USB Print Server Reference Manual

Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2

Order of Precedence for Rules

As you define new rules, they are added to the tables in the Rules menu. For any traffic attempting
to pass through the firewall, the packet information is subjected to the rules in the order of the
entries in the Rules Table, beginning at the top and proceeding to the default rules at the bottom. In
some cases, the order of precedence of two or more rules may be important in determining the
disposition of a packet. The Move button allows you to relocate a defined rule to a new position in
the table.

Rules Menu Options

Use the Options checkboxes to enable the following:
• Enable VPN Passthrough (IPSec, PPTP, L2TP)
If LAN users need to use VPN (Virtual Private Networking) software on their computer, and
connect to remote sites or servers, enable this checkbox. This will allow the VPN protocols
(IPSec, PPTP, L2TP) to be used. If this checkbox is not checked, these protocols are blocked.
• Drop fragmented IP packets
If checked, all fragmented IP packets will be dropped (discarded). Normally, this should NOT
be checked.
• Block TCP flood
If checked, when a TCP flood attack is detected, the port used will be closed, and no traffic
will be able to use that port.
• Block UDP flood
If checked, when a UDP flood attack is detected, all traffic from that IP address will be
blocked.
• Block non-standard packets
If checked, only known packet types will be accepted; other packets will be blocked. The
known packet types are TCP, UDP, ICMP, ESP, and GRE. Note that these are packet types, not
protocols.
Firewall Protection and Content Filtering
201-10301-02, May 2005
6-11