13-30 User’s Reference Guide
Example TCP/UDP Ports
Firewall design rules
There are two basic rules to firewall design:
■
“What is not explicitly allowed is denied.”
and
■
“What is not explicitly denied is allowed.”
The first rule is far more secure, and is the best approach to firewall design. It is far easier (and more secure)
to allow in or out only cer tain ser vices and deny anything else. If the other rule is used, you would have to figure
out ever ything that you want to disallow, now and in the future.
Firewall Logic
Firewall design is a test of logic, and filter rule ordering is critical. If a packet is passed through a series of filter
rules and then the packet matches a rule, the appropriate action is taken. The packet will not pass through the
remainder of the filter rules.
For example, if you had the following filter set...
Allow WWW access;
Allow FTP access;
Allow SMTP access;
Deny all other packets.
and a packet goes through these rules destined for FTP, the packet would pass through the first rule (WWW), go
through the second rule (FTP), and match this rule; the packet is allowed through.
If you had this filter set for example....
Allow WWW access;
Allow FTP access;
Deny FTP access;
Deny all other packets.
TCP Port
Service
UDP Port
Service
20/21
FTP
161
SNMP
23
Telnet
69
TFTP
25
SMTP
387
AURP
80
WWW
144
News
Summary of Contents for R7100
Page 1: ...Netopia R7100 SDSL Router User s Reference Guide ...
Page 12: ...User s Reference Guide ...
Page 18: ...2 4 User s Reference Guide ...
Page 30: ...4 8 User s Reference Guide ...
Page 44: ...5 14 User s Reference Guide ...
Page 68: ...User s Reference Guide ...
Page 80: ...8 12 User s Reference Guide ...
Page 110: ...9 30 User s Reference Guide ...
Page 116: ...10 6 User s Reference Guide ...
Page 148: ...12 20 User s Reference Guide WAN Event History page ...
Page 150: ...12 22 User s Reference Guide ...
Page 200: ...User s Reference Guide ...
Page 206: ...A 6 User s Reference Guide ...
Page 220: ...B 14 User s Reference Guide ...
Page 234: ...E 4 User s Reference Guide ...
Page 240: ...F 6 User s Reference Guide ...
Page 250: ...8 User s Reference Guide ...
Page 256: ...Index 6 ...
Page 258: ...2 User s Reference Guide ...