Jump to content
  • EN

RUT850 Firewall: Difference between revisions

RUT850 Firewall (view source)

Revision as of 07:26, 17 December 2018

4,844 bytes removed ,  17 December 2018
→‎Port Forward Rule Configuration
VisualWikitext
Line 159: Line 159:




{| class="wikitable"
<table class="nd-mantable">
|+
    <tr>
! style="width: 250px; border: 1px solid white; border-bottom: 2px solid #0054A6; background: white; color: #0054A6; text-align: left;" | FIELD NAME
        <th>field name</th>
! style="width: 250px; border: 1px solid white; border-bottom: 2px solid #0054A6; background: white; color: #0054A6; text-align: left;" | VALUE
      <th>value</th>
! style="width: 579px; border: 1px solid white; border-bottom: 2px solid #0054A6; background: white; color: #0054A6; text-align: left;" | DESCRIPTION
      <th>description</th>
|-
    </tr>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Enable
    <tr>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | yes {{!}} no; Default: '''no'''
      <td>Enable</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Toggles a rule ON or OFF
      <td>yes {{!}} no; Default: '''no'''</td>
|-
      <td>Toggles a rule ON or OFF</td>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Name
    </tr>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | string; Default: " "
    <tr>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | The name of the rule. This is used for easier management purposes
      <td>Name</td>
|-
      <td>string; Default: " "</td>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Protocol
      <td>The name of the rule. This is used for easier management purposes</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | TCP+UDP {{!}} TCP {{!}} UDP {{!}} ICMP {{!}} -- custom --; Default: '''TCP+UDP'''
    </tr>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Specifies to which protocols the rule should apply
    <tr>
|-
    <td>Protocol</td>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Source zone
        <td>TCP+UDP {{!}} TCP {{!}} UDP {{!}} ICMP {{!}} -- custom --; Default: '''TCP+UDP'''</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | <span style="background:#9DB6BA"> gre: gre tunnel </span> <span style="background:#FD9589"> hotspot: </span> {{!}}  <span style="background:#CEF58F"> l2tp: l2tp </span> {{!}}  <span style="background:#9BEAC3"> pptp: pptp </span> {{!}} <span style="background:#96EBE8"> vpn: openvpn </span> {{!}}  <span style="background:#D0E1EF"> wan: ppp </span>  {{!}} <span style="background:#DDDDDD"> lan: lan </span> ; Default: '''<span style="background:#DDDDDD"> wan: ppp </span>'''
        <td>Specifies to which protocols the rule should apply</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | The source zone from which data packets will redirected from
    </tr>
|-
    <tr>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Source MAC address
    <td>Source zone</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | mac; Default: " "
        <td> <span style="background:#9DB6BA"> gre: gre tunnel </span>  | <span style="background:#FD9589"> hotspot: </span>  {{!}}  <span style="background:#CEF58F"> l2tp: l2tp </span>  {{!}}  <span style="background:#9BEAC3"> pptp: pptp </span>  {{!}}  <span style="background:#96EBE8"> vpn: openvpn </span>  {{!}}  <span style="background:#D0E1EF"> wan: ppp </span>  {{!}}  <span style="background:#DDDDDD"> lan: lan </span> ; Default: '''<span style="background:#DDDDDD"> wan: ppp </span>'''</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Matches incoming traffic from these MACs only
        <td>The source zone from which data packets will redirected from</td>
|-
    </tr>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Source IP address
    <tr>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | ip; Default: " "
      <td>Source MAC address</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Matches incoming traffic from this IP or range of IPs only
      <td>mac; Default: " "</td>
|-
      <td>Matches incoming traffic from these MACs only</td>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Source port
    </tr>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | integer [0..65535] {{!}} range of integers [0..65534] - [1..65535]; Default: " "
    <tr>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Matches incoming traffic originating from the given source port or port range on the client host only
      <td>Source IP address</td>
|-
      <td>ip; Default: " "</td>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | External IP address
      <td>Matches incoming traffic from this IP or range of IPs only</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | ip; Default: " "
    </tr>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Matches incoming traffic directed at the given IP address only
    <tr>
|-
    <td>Source port</td>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | External port
        <td>integer [0..65535] {{!}} range of integers [0..65534] - [1..65535]; Default: " "</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | integer [0..65535] {{!}} range of integers [0..65534] - [1..65535]; Default: " "
        <td>Matches incoming traffic originating from the given source port or port range on the client host only</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Specifies the external port, i.e., the port from which the third party is connecting
    </tr>
|-
    <tr>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Internal zone
    <td>External IP address</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | <span style="background:#9DB6BA"> gre: gre tunnel </span>  |  <span style="background:#FD9589"> hotspot: </span>  {{!}}  <span style="background:#CEF58F"> l2tp: l2tp </span>  {{!}}  <span style="background:#9BEAC3"> pptp: pptp </span>  {{!}}  <span style="background:#96EBE8"> vpn: openvpn </span>  {{!}}  <span style="background:#D0E1EF"> wan: ppp </span>  {{!}}  <span style="background:#DDDDDD"> lan: lan </span> ; Default: '''<span style="background:#DDDDDD"> lan: lan </span>'''
        <td>ip; Default: " "</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Specifies the internal zone, i.e., the zone where the incoming connection will be redirected to
        <td>Matches incoming traffic directed at the given IP address only</td>
|-
    </tr>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Internal IP address
    <tr>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | ip; Default: " "
      <td>External port</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Specifies the internal IP address, i.e., the IP address to which the incoming connection will be redirected to
      <td>integer [0..65535] {{!}} range of integers [0..65534] - [1..65535]; Default: " "</td>
|-
      <td>Specifies the external port, i.e., the port from which the third party is connecting </td>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Internal port
    </tr>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | integer [0..65535] {{!}} range of integers [0..65534] - [1..65535]; Default: " "
    <tr>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Specifies the internal port, i.e., the port to which the incoming connection will be redirected to
      <td>Internal zone</td>
|-
      <td><span style="background:#9DB6BA"> gre: gre tunnel </span>  | <span style="background:#FD9589"> hotspot: </span> {{!}}  <span style="background:#CEF58F"> l2tp: l2tp </span> {{!}}  <span style="background:#9BEAC3"> pptp: pptp </span>  {{!}}  <span style="background:#96EBE8"> vpn: openvpn </span>  {{!}}  <span style="background:#D0E1EF"> wan: ppp </span>  {{!}}  <span style="background:#DDDDDD"> lan: lan </span> ; Default: '''<span style="background:#DDDDDD"> lan: lan </span>'''</td>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Enable NAT loopback
      <td>Specifies the internal zone, i.e., the zone where the incoming connection will be redirected to</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | yes {{!}} no; Default: '''no'''
    </tr>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | NAT loopback enables your local network (i.e., behind your router/modem) to connect to a forward-facing IP address (such as 208.112.93.73) of a machine that it also on your local network
    <tr>
|-
    <td>Internal IP address</td>
! style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Extra arguments
        <td>ip; Default: " "</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | string; Default: " "
        <td>Specifies the internal IP address, i.e., the IP address to which the incoming connection will be redirected to</td>
| style="border: 1px solid white; border-bottom: 2px solid #E8E8E8; text-align: left; vertical-align: top; background: white;" | Passes additional arguments to iptables. '''Use with care!'''
    </tr>
|-
    <tr>
|}
    <td>Internal port</td>
        <td>integer [0..65535] {{!}} range of integers [0..65534] - [1..65535]; Default: " "</td>
        <td>Specifies the internal port, i.e., the port to which the incoming connection will be redirected to</td>
    </tr>
    <tr>
      <td>Enable NAT loopback</td>
      <td>yes {{!}} no; Default: '''no'''</td>
      <td>NAT loopback enables your local network (i.e., behind your router/modem) to connect to a forward-facing IP address (such as 208.112.93.73) of a machine that it also on your local network</td>
    </tr>
    <tr>
      <td>Extra arguments</td>
      <td>string; Default: " "</td>
      <td>Passes additional arguments to iptables. '''Use with care!'''</td>
    </tr>
</table>


==Traffic Rules==
==Traffic Rules==
Retrieved from "https://wiki.teltonika-networks.com/view/Special:MobileDiff/25024"