The ADSLModem firewall must be configured for broadband access.
Source: Internet
Author: User
Article title: The ADSLModem firewall must be configured for broadband access. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
Many ADSL Modem systems are integrated with the firewall function to protect users' systems from DoS attacks and malicious attacks from the LAN. You can also set to monitor attacks and notify users in the form of E-mail if any problem is found. If your Lan is shared with the Internet through the ADSL Modem, enabling its firewall is a good choice, although its functions are not as powerful as professional firewalls, but it is a "free lunch" after all ".
The following uses an ADSL Modem using the Globespan chip as an example to describe how to configure and manage the built-in firewall of the ADSL Modem.
1. firewall settings Go to the management page of the ADSL Modem and click "Service> FireWall". then we can set the FireWall in detail () on the page ().
Blacklist Status: Blacklist Status. If you want to keep the ADSL Modem working in the blacklist state, you can select Enable; otherwise, select Disable.
Blacklist Period (min): within the specified time (in minutes), the IP address of the specified computer will be in the Blacklist.
Attack Protection: Select Enable to Enable the built-in firewall Protection function of ADSL Modem.
DoS Protection: click Enable to obtain service Protection for SYN DoS, ICMP DoS, and Per-host DoS.
Max Half Open TCP Conn: set the percentage of the current IP connection opened when the status is not fully Open. The number of available IP connections may be exhausted when the TCP connection is not fully open. if the percentage exceeds the upper limit, the incomplete open connection will be closed and a new connection will replace it.
Max ICMP Conn: set the percentage of connections currently used for ICMP Management. if the percentage exceeds the upper limit, the new connection will replace the old connection to start data transmission.
Max Single Host Conn: set the percentage of computers that can use the current IP address to connect to a Single computer. when setting this percentage, consider the number of computers in the LAN.
Log Destination: used to list attack firewall events on records. records of these events can be sent to the system or specified administrator.
Email ID of Admin 1/2/3: specifies the administrator's email address. Used to receive reports of attacks on the firewall. The email report information sent includes the attack time, source IP address, target IP address, and protocol used by the attacked computer.
II. Manage the blacklist list If you confirm that a data packet has attacked the firewall settings or some IP address filtering rules, the firewall will block the source IP address of the data packet for a specified period of time in the future, however, you must enable the blacklist list setting.
To view the list of blacklisted computers, click "blacklisted" at the bottom of the "firewall settings" page. the following information is displayed in the table:
Host IP address: records the IP address of the computer that sends attack packets.
Reason: A brief description of the attack type.
IPF rule ID: if a data packet violates the IP filtering rules, the rule ID is displayed in this box.
Operation: If you want to unban an item from the blacklist before it is automatically removed, you can delete the entries in the list.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.