Line 3: |
Line 3: |
| | series = {{{series}}} | | | series = {{{series}}} |
| }} | | }} |
− |
| |
| ==Summary== | | ==Summary== |
| | | |
Line 707: |
Line 706: |
| | | |
| The <b>Reset</b> button resets the custom rules field to its default state. | | The <b>Reset</b> button resets the custom rules field to its default state. |
− | {{#ifeq: {{{series}}} | RUTX |
| |
− | ==Helpers==
| |
− |
| |
− | The <b>Helpers</b> section provides you with the possibility to add firewall exceptions for some VoIP protocols, namely SIP and H.323. In other words, these functions provide a pass-through for VoIP communications between the device's LAN and WAN.
| |
− |
| |
− | <b>Technical explanation:</b>
| |
− |
| |
− | FTP, SIP and H.323 protocols are harder to filter by firewalls since they violate layering by introducing OSI layer 3/4 parameters in the OSI layer 7. NAT helpers are modules that are able to assist the firewall in tracking these protocols. These helpers create the so-called expectations that can be used to open necessary ports for RELATED connections. For example, FTP, GRE and PPTP helpers are enabled by default.
| |
− |
| |
− | [[File:Networking_rutos_manual_firewall_helpers_nat_helpers.png|border|class=tlt-border]]
| |
| | | |
− | <table class="nd-mantable">
| |
− | <tr>
| |
− | <th>Field</th>
| |
− | <th>Value</th>
| |
− | <th>Description</th>
| |
− | </tr>
| |
− | <tr>
| |
− | <td>H323</td>
| |
− | <td>off <nowiki>|</nowiki> on; default: <b>off</b></td>
| |
− | <td>Turns H323 filtering on or off.</td>
| |
− | </tr>
| |
− | <tr>
| |
− | <td>SIP</td>
| |
− | <td>off <nowiki>|</nowiki> on; default: <b>off</b></td>
| |
− | <td>Turns SIP filtering on or off.</td>
| |
− | </tr>
| |
− | </table>|}}
| |
| ==Attack Prevention== | | ==Attack Prevention== |
| | | |
Line 970: |
Line 942: |
| </tr> | | </tr> |
| </table> | | </table> |
| + | {{#ifeq: {{{series}}} | RUTX | |
| + | ==Helpers== |
| + | |
| + | The <b>Helpers</b> section provides you with the possibility to add firewall exceptions for some VoIP protocols, namely SIP and H.323. In other words, these functions provide a pass-through for VoIP communications between the device's LAN and WAN. |
| + | |
| + | <b>Technical explanation:</b> |
| + | |
| + | FTP, SIP and H.323 protocols are harder to filter by firewalls since they violate layering by introducing OSI layer 3/4 parameters in the OSI layer 7. NAT helpers are modules that are able to assist the firewall in tracking these protocols. These helpers create the so-called expectations that can be used to open necessary ports for RELATED connections. For example, FTP, GRE and PPTP helpers are enabled by default. |
| + | |
| + | [[File:Networking_rutos_manual_firewall_helpers_nat_helpers.png|border|class=tlt-border]] |
| | | |
| + | <table class="nd-mantable"> |
| + | <tr> |
| + | <th>Field</th> |
| + | <th>Value</th> |
| + | <th>Description</th> |
| + | </tr> |
| + | <tr> |
| + | <td>H323</td> |
| + | <td>off <nowiki>|</nowiki> on; default: <b>off</b></td> |
| + | <td>Turns H323 filtering on or off.</td> |
| + | </tr> |
| + | <tr> |
| + | <td>SIP</td> |
| + | <td>off <nowiki>|</nowiki> on; default: <b>off</b></td> |
| + | <td>Turns SIP filtering on or off.</td> |
| + | </tr> |
| + | </table> |
| + | |}} |
| [[Category:{{{name}}} Network section]] | | [[Category:{{{name}}} Network section]] |