EasyManua.ls Logo

virtual access GW1000M Series - 27 Configuring Firewall; Configuration Package Used; Configuring Firewall Using the Web Interface

virtual access GW1000M Series
350 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
27: Configuring firewall
_______________________________________________________________________________________________________
_____________________________________________________________________________________________________
© Virtual Access 2017
GW1000 Series User Manual
Issue: 1.9 Page 242 of 350
27 Configuring firewall
The firewall itself is not required. It is a set of scripts which configure Netfilter. If
preferred, you can use Netfilter directly to achieve the desired firewall behaviour.
Note: the UCI firewall exists to simplify the configuration of Netfilter for many scenarios,
without requiring the knowledge to deal with the complexity of Netfilter.
The firewall configuration consists of several zones covering one or more interfaces.
Permitted traffic flow between the zones is controlled by forwardings. Each zone can
include multiple rules and redirects (port forwarding rules).
The Netfilter system is a chained processing filter where packets pass through various
rules. The first rule that matches is executed often leading to another rule-chain until a
packet hits either ACCEPT or DROP/REJECT.
Accepted packets pass through the firewall. Dropped packets are prohibited from
passing. Rejected packets are also prohibited but an ICMP message is returned to the
source host.
A minimal firewall configuration for a router usually consists of one 'defaults' section, at
least two 'zones' (LAN and WAN) and one forwarding to allow traffic from LAN to WAN.
Other sections that exist are 'redirects', 'rules' and 'includes'.
27.1 Configuration package used
Package
Sections
firewall
27.2 Configuring firewall using the web interface
In the top menu, select Network -> Firewall. The Firewall page appears. It is divided
into four sections: General Zone Settings, Port Forwards, Traffic Rules, and Custom
Rules.
27.2.1 Firewall general settings
The General Zone, or defaults, section declares global firewall settings that do not belong
to any specific zones. These default rules take effect last and more specific rules take
effect first.

Table of Contents

Other manuals for virtual access GW1000M Series

Preview: Installation And Operation Manual
Installation And Operation Manual23 pages