Describes the configuration of the broadband ADSL cat firewall.

There are many things worth learning about broadband ADSL cat firewall. Here we mainly introduce the configuration of broadband ADSL cat firewall. Today is an era where hackers are common. If you stay at your home and access the Internet, you may be shot. Attacking you from time to time will make your head big. Fortunately, many broadband ADSL cats have built-in firewall functions. If we enable this function, we can make our ADSL Internet access more secure and more secure.

I. login to the broadband ADSL cat

There are many ways to log on to the broadband ADSL cat. For the convenience of the article, here we use what we see as what we get to log on through WEB management. Open IE, enter the IP address of the broadband ADSL cat in the address bar, and press Enter. the login box shown appears. Enter the user name and password, and click OK. Now we can see the configuration interface of the broadband ADSL cat. Tip: You can enter the IP address of the broadband ADSL cat according to the instructions!

2. configure the firewall

Click to expand the "service" list and select the "firewall" command item. Then, we can see the detailed configuration items of the firewall on the right side of the window. The following describes the configurations of the firewall.

Blacklist

At the top is the "blacklist status" setting, that is, whether to Enable the blacklist filtering status of the broadband ADSL cat. "Enable" is enabled, and "Disable" is disabled. We recommend that you Enable this option. In addition, there is a blacklist cycle (minutes), that is, the IP address of the specified computer will be in the blacklist state within the specified time (in minutes.

Attack Protection

The purpose of enabling the firewall is to prevent attacks from others. Therefore, the "Attack Protection" option is set to "Enable" to Enable the firewall protection function of the broadband ADSL cat; for "DOS Protection", we recommend that you select "Enable" to Enable service protection for various DOS attacks.

Max connection

The options include "Max Half Open TCP connection", "Max ICMP Connection", and "Max single host connection. "Max Half-Open TCP connection" is used to set the percentage of the current IP connection opened in an incomplete open state. When a TCP connection is not fully open, all available IP address connections may be exhausted. If the percentage exceeds the value set here, the connection that is not fully open will be closed, there will be a new connection to replace it; "Max ICMP Connection" is the percentage of the current connections set to manage ICMP packet transmission. If the percentage exceeds the set value, the new connection will replace the old connection to start data transmission; the final "Max single host connection" is mainly used to set the percentage of connections from a single computer using the current IP address. When setting this percentage, consider the number of computers in the LAN.

Log target

It is mainly used to set the storage location of firewall attack events in log targets. The "Trace" option indicates that the record is sent to the system, that is, stored in the cat. The "Email" option indicates that the record is sent to the specified administrator mailbox. We recommend that you select this option. The following Admin 1 (/2/3) email ID is used to set the Administrator's mailbox address. It is mainly used to receive reports of attacks against the firewall, the specific content of the report includes "attack time", "source IP address of the computer under attack", "target IP Address", and "used protocol. Based on the preceding instructions, select and configure each project, and click Submit to save the configuration information.

3. rectify the troublemakers and add them to the blacklist

If you are always on the internet, you may find that your shoes are wet. If you are on the Internet, you may find an attack. It is a matter of course that attackers can correct and blacklist the shoes. When the firewall system of the broadband ADSL cat confirms that a data packet has an attack behavior or is compatible with IP address filtering rules, during the period specified in the previous "blacklist period (cycle, the firewall automatically blocks the source IP address of such data packets. Click the "Blacklist" button at the bottom of the "firewall settings" page to bring up the corresponding page, from which we can see the details of the troublemakers.

"Host IP Address" is the IP address of the computer that records the attack data packets; "Reason" is a brief description of the attack type; "IPF rule ID" if the data packet violates the IP address filtering rules, the rule ID is displayed in this box. If you want to unseal the entries in the blacklist before it is automatically removed, and want to delete the entries in the list, you can perform operations in the "operation" column. How can I feel relieved with this simple configuration. In fact, many of our ADSL Modem have such a function. As long as simple configuration is made, it will be much safer to access the Internet.