Line 1: |
Line 1: |
| {{Template: Networking_rutos_manual_fw_disclosure | | {{Template: Networking_rutos_manual_fw_disclosure |
− | | fw_version = {{{series}}}{{#ifeq:{{{name}}}|RUT241|M|}}_R_00.07.01 | + | | fw_version ={{Template: Networking_rutos_manual_latest_fw |
− | | series = {{{series}}} | + | | series = {{{series}}} |
| + | | name = {{{name}}} |
| + | }} |
| }} | | }} |
− | {{#ifeq: {{{series}}} | RUT9 |<br><i><b>Note</b>: <b>[[{{{name}}} Firewall (legacy WebUI)|click here]]</b> for the old style WebUI (FW version RUT9XX_R_00.06.08.5 and earlier) user manual page.</i>|}} | + | {{#ifeq: {{{series}}} | RUT9 |<br><i><b>Note</b>: <b>[[{{{name}}} Firewall (legacy WebUI)|click here]]</b> for the old style WebUI (FW version {{Template: Networking_rutos_manual_latest_fw | series = RUT9XX}} and earlier) user manual page.</i>|}} |
− | {{#ifeq: {{{series}}} | RUT2 | | + | {{#ifeq: {{{series}}} | RUT2 |<br><i><b>Note</b>: <b>[[{{{name}}} Firewall (legacy WebUI)|click here]]</b> for the old style WebUI (FW version {{Template: Networking_rutos_manual_latest_fw | series = RUT2XX}} and earlier) user manual page.</i>|}} |
− | {{#switch: {{{name}}}
| |
− | | RUT241 =
| |
− | | #default =
| |
− | <br><i><b>Note</b>: <b>[[{{{name}}} Firewall (legacy WebUI)|click here]]</b> for the old style WebUI (FW version RUT2XX_R_00.01.14.4 and earlier) user manual page.</i>}} | |
− | |}} | |
| ==Summary== | | ==Summary== |
| | | |
Line 65: |
Line 62: |
| <li><b>Reject</b> – packet is stopped, deleted and, differently from Drop, a message of rejection is sent to the source from which the packet came.</li> | | <li><b>Reject</b> – packet is stopped, deleted and, differently from Drop, a message of rejection is sent to the source from which the packet came.</li> |
| </ul> | | </ul> |
− | {{#ifeq: {{{nat}}} | 1 |
| + | |
| ===Routing/NAT Offloading=== | | ===Routing/NAT Offloading=== |
| ---- | | ---- |
Line 86: |
Line 83: |
| </tr> | | </tr> |
| </table> | | </table> |
− | |}}
| + | |
| ===Zones=== | | ===Zones=== |
| ---- | | ---- |
Line 267: |
Line 264: |
| You will be redirected to that rule's configuration page: | | You will be redirected to that rule's configuration page: |
| | | |
− | [[File:Networking_rutos_manual_firewall_port_forwards_configuration_mobile_{{{mobile}}}_dualsim_{{{dualsim}}}_wired_{{{wired}}}.png|border|class=tlt-border]] | + | [[File:Networking_rutos_manual_firewall_port_forwards_configuration.png|border|class=tlt-border]] |
| | | |
| <table class="nd-mantable"> | | <table class="nd-mantable"> |
Line 298: |
Line 295: |
| <td>Source MAC address</td> | | <td>Source MAC address</td> |
| <td>mac; default: <b>none</b></td> | | <td>mac; default: <b>none</b></td> |
− | <td>MAC address(es) of connecting hosts.<br>The rule will apply only to hosts that match MAC addresses specified in this field. Leave empty to make the rule skip MAC address matching.</td> | + | <td>MAC address of connecting hosts.<br>The rule will apply only to hosts that match MAC addresses specified in this field. Leave empty to make the rule skip MAC address matching.</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
Line 386: |
Line 383: |
| <tr> | | <tr> |
| <td>Protocol</td> | | <td>Protocol</td> |
− | <td>TCP+UDP | TCP | UDP | ICMP | -- custom --; default: <b>TCP+UDP</b></td> | + | <td>TCP+UDP | TCP | UDP | <span style="color:red">ICMP</span> | -- custom --; default: <b>TCP+UDP</b></td> |
| <td>Specifies to which protocols the rule should apply.</td> | | <td>Specifies to which protocols the rule should apply.</td> |
| + | </tr> |
| + | <tr> |
| + | <td><span style="color:red"> Match ICMP type</span></td> |
| + | <td>-- Custom -- | Any | ICMP-type; default: '''none'''</td> |
| + | <td>Allows matching specific ICMP types.</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
Line 952: |
Line 954: |
| | | |
| The <b>Custom rules</b> tab provides you with the possibility to execute <b>iptables</b> commands which are not otherwise covered by the device's firewall framework. The commands are executed after each firewall restart, right after the default rule set has been loaded. | | The <b>Custom rules</b> tab provides you with the possibility to execute <b>iptables</b> commands which are not otherwise covered by the device's firewall framework. The commands are executed after each firewall restart, right after the default rule set has been loaded. |
| + | |
| + | <b>Note: </b> Custom rules are not recommended to be used with <i>hostnames</i>. The rules will not remain active after reboot due to security reasons. |
| | | |
| The figure below is an example of the Custom rules tab: | | The figure below is an example of the Custom rules tab: |