Bandwidth ADSL Firewall Configuration

Source: Internet
Author: User

Today is an era where hackers are common. If you stay at your home and access the Internet, you may be shot. Attacking you from time to time will make your head big. Fortunately, many broadband cats have built-in firewall functions. If we enable this function, we can make our ADSL Internet access more secure and more secure.

1. log on to the broadband cat.

There are many ways to log on to the broadband cat. For the convenience of the article, here we log on using what we see is what we get from WEB management.
Open IE, enter the IP address of the broadband cat in the address bar, and press Enter. The logon box shown in 1 appears. Enter the user name and password, and click OK. Now we can see the configuration interface of the broadband cat.
Tip: You can enter the IP address of a broadband cat according to the instructions!

2. configure the firewall.

Click to expand the "service" list and select the "firewall" command item. Then, we can see the detailed configuration items of the firewall on the right side of the window (2 ). The following describes the configurations of the firewall.


At the top is the "black list status" setting, that is, whether to Enable the black list filtering status of broadband cats, Enable is enabled, and Disable is disabled. We recommend that you Enable this option. In addition, there is a blacklist cycle (minutes), that is, the IP address of the specified computer will be in the blacklist state within the specified time (in minutes.

Attack Protection

The purpose of enabling the firewall is to prevent attacks from others. Therefore, the "Attack Protection" option is set to "Enable", so that the firewall protection function of the broadband cat can be enabled; for "DOS Protection", we recommend that you select "Enable" to Enable service protection for various DOS attacks.

Max connection

The options include "Max Half Open TCP connection", "Max ICMP Connection", and "Max single host connection. "Max Half-Open TCP connection" is used to set the percentage of the current IP connection opened in an incomplete open state. When a TCP connection is not fully open, all available IP address connections may be exhausted. If the percentage exceeds the value set here, the connection that is not fully open will be closed, there will be a new connection to replace it; "Max ICMP Connection" is the percentage of the current connections set to manage ICMP packet transmission. If the percentage exceeds the set value, the new connection will replace the old connection to start data transmission; the final "Max single host connection" is mainly used to set the percentage of connections from a single computer using the current IP address. When setting this percentage, consider the number of computers in the LAN.

Log target

It is mainly used to set the storage location of firewall attack events in log targets. The "Trace" option indicates that the record is sent to the system, that is, stored in the cat. The "Email" option indicates that the record is sent to the specified administrator mailbox. We recommend that you select this option. The following Admin 1 (/2/3) email ID is used to set the Administrator's mailbox address. It is mainly used to receive reports of attacks against the firewall, the specific content of the report includes "attack time", "source IP address of the computer under attack", "target IP Address", and "used protocol. Based on the preceding instructions, select and configure each project, and click Submit to save the configuration information.

3. rectify the troublemakers and add them to the blacklist

If you are always on the internet, you may find that your shoes are wet. If you are on the Internet, you may find an attack. It is a matter of course that attackers can correct and blacklist the shoes. When the firewall system of the broadband cat confirms that a data packet has an attack behavior or is compatible with IP address filtering rules, during the period specified in the previous "blacklist period (period, the firewall automatically blocks the source IP address of such data packets.

Click the "Blacklist" button at the bottom of the "firewall settings" page in Figure 2. The page shown in "3" is displayed, from which we can see the details of the troublemakers.

"Host IP Address" is the IP address of the computer that records the attack data packets; "Reason" is a brief description of the attack type; "IPF rule ID" if the data packet violates the IP address filtering rules, the rule ID is displayed in this box. If you want to unseal the entries in the blacklist before it is automatically removed, and want to delete the entries in the list, you can perform operations in the "operation" column.

How can I feel more at ease with this simple configuration. In fact, many of our ADSL Modem have such a function. As long as simple configuration is made, it will be much safer to access the Internet.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.