
Template:Networking rutos manual firewall: Difference between revisions

No edit summary
Line 1,015: Line 1,015:
==DMZ==
==DMZ==


The <b>DMZ</b> is a security concept. It comprises the separation of the LAN-side network into at least two networks: the user LAN and the DMZ. Generally the DMZ is imprisoned: only access to certain ports from the Internet are allowed into the DMZ, while the DMZ is not allowed to establish new connections to the WAN-side or LAN-side networks. That way, if a server inside of the DMZ is hacked the potential damage that can be done remains restricted! The whole point of the DMZ is to cleanly create a unique firewall rule set that dramatically restricts access in to, and out of the, DMZ.  
The <b>DMZ</b> is a security concept. It comprises the separation of the LAN-side network into at least two networks: the user LAN and the DMZ. Generally the DMZ is imprisoned: only access to certain ports from the Internet are allowed into the DMZ, while the DMZ is not allowed to establish new connections to the WAN-side or LAN-side networks. That way, if a server inside of the DMZ is hacked the potential damage that can be done remains restricted! The whole point of the DMZ is to cleanly create a unique firewall rule set that dramatically restricts access in to, and out of the, DMZ.
 
[[File:Networking rutos manual network firewall dmz.png|border|class=tlt-border]]
 
<table class="nd-mantable">
    <tr>
        <th>Field</th>
      <th>Value</th>
      <th>Description</th>
    </tr>
    <tr>
      <td>Enable</td>
      <td>off | on; default: <b>off</b></td>
      <td>Enables the DMZ configuration </td>
    </tr>
    <tr>
      <td>Host IP</td>
      <td>IP; default: <b>none</b></td>
      <td>IP address of the DMZ host</td>
    </tr>
    <tr>
      <td>Protocol</td>
      <td>TCP | UDP | ICMP | All; default: <b>none</b></td>
      <td> Specifies for which protocols the DMZ will be used.</td>
    </tr>
</table>


==Settings==
==Settings==
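
Review bot: The Protocol row lists its values as "TCP | UDP | ICMP | All" but gives the default as "none", which is not one of them. State what the DMZ does when it is enabled with no protocol chosen, or list none as a selectable value. The intro paragraph describes the DMZ as a separate network that is not allowed to establish new connections to the WAN-side or LAN-side networks, while the fields configure a single Host IP. The page should say whether that host is actually isolated from the LAN and which inbound traffic is sent to it, because a reader will otherwise assume the containment described in the paragraph applies to this setting. In the same paragraph, "only access to certain ports from the Internet are allowed" should read "is allowed", and "in to, and out of the, DMZ" should read "into and out of the DMZ".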