Jump to content
  • EN

Template:Networking rutos manual firewall: Difference between revisions

Template:Networking rutos manual firewall (view source)

Revision as of 10:58, 19 August 2020

No change in size ,  19 August 2020
no edit summary
VisualWikitext
No edit summary
Line 3: Line 3:
| series    = {{{series}}}
| series    = {{{series}}}
}}
}}
==Summary==
==Summary==


Line 707: Line 706:


The <b>Reset</b> button resets the custom rules field to its default state.
The <b>Reset</b> button resets the custom rules field to its default state.
{{#ifeq: {{{series}}} | RUTX |
==Helpers==
The <b>Helpers</b> section provides you with the possibility to add firewall exceptions for some VoIP protocols, namely SIP and H.323. In other words, these functions provide a pass-through for VoIP communications between the device's LAN and WAN.
<b>Technical explanation:</b>
FTP, SIP and H.323 protocols are harder to filter by firewalls since they violate layering by introducing OSI layer 3/4 parameters in the OSI layer 7. NAT helpers are modules that are able to assist the firewall in tracking these protocols. These helpers create the so-called expectations that can be used to open necessary ports for RELATED connections. For example, FTP, GRE and PPTP helpers are enabled by default.
[[File:Networking_rutos_manual_firewall_helpers_nat_helpers.png|border|class=tlt-border]]


<table class="nd-mantable">
    <tr>
        <th>Field</th>
      <th>Value</th>
      <th>Description</th>
    </tr>
    <tr>
      <td>H323</td>
      <td>off <nowiki>|</nowiki> on; default: <b>off</b></td>
      <td>Turns H323 filtering on or off.</td>
    </tr>
    <tr>
      <td>SIP</td>
      <td>off <nowiki>|</nowiki> on; default: <b>off</b></td>
      <td>Turns SIP filtering on or off.</td>
    </tr>
</table>|}}
==Attack Prevention==
==Attack Prevention==


Line 970: Line 942:
     </tr>
     </tr>
</table>
</table>
{{#ifeq: {{{series}}} | RUTX |
==Helpers==
The <b>Helpers</b> section provides you with the possibility to add firewall exceptions for some VoIP protocols, namely SIP and H.323. In other words, these functions provide a pass-through for VoIP communications between the device's LAN and WAN.
<b>Technical explanation:</b>
FTP, SIP and H.323 protocols are harder to filter by firewalls since they violate layering by introducing OSI layer 3/4 parameters in the OSI layer 7. NAT helpers are modules that are able to assist the firewall in tracking these protocols. These helpers create the so-called expectations that can be used to open necessary ports for RELATED connections. For example, FTP, GRE and PPTP helpers are enabled by default.
[[File:Networking_rutos_manual_firewall_helpers_nat_helpers.png|border|class=tlt-border]]


<table class="nd-mantable">
    <tr>
        <th>Field</th>
      <th>Value</th>
      <th>Description</th>
    </tr>
    <tr>
      <td>H323</td>
      <td>off <nowiki>|</nowiki> on; default: <b>off</b></td>
      <td>Turns H323 filtering on or off.</td>
    </tr>
    <tr>
      <td>SIP</td>
      <td>off <nowiki>|</nowiki> on; default: <b>off</b></td>
      <td>Turns SIP filtering on or off.</td>
    </tr>
</table>
|}}
[[Category:{{{name}}} Network section]]
[[Category:{{{name}}} Network section]]
Retrieved from "https://wiki.teltonika-networks.com/view/Special:MobileDiff/68733"