About Service Based Rules - NETGEAR ProSafe DGFV338 Reference Manual

DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual

About Service Based Rules

The rules to block traffic are based on the traffic's category of service.
• Inbound rules (allow port forwarding). Inbound traffic is normally blocked by the firewall
unless the traffic is in response to a request from the LAN side. The firewall can be configured
to allow this otherwise blocked traffic.
• Outbound rules (service blocking). Outbound traffic is normally allowed unless the firewall
is configured to disallow it.
• Customized services. Additional services can be added to the list of services in the factory
default list. These added services can then have rules defined for them to either allow or block
that traffic.
• Quality of service (QoS) priorities. Each service at its own native priority that impacts its
quality of performance and tolerance for jitter or delays. You can change this QoS priority if
desired to change the traffic mix through the system.
A firewall has two default rules, one for inbound traffic and one for outbound traffic. The default
rules of the DGFV338 are:
• Default Inbound Policy. Block all inbound traffic to the LAN from the Internet (WAN),
except responses to requests from the LAN. To allow computers from the WAN to access
services on the LAN, a firewall rule for each service must be added
• Default Outbound Policy.Allow all traffic from the LAN to pass through to the Internet.
Firewall rules can then be applied to block specific types of traffic from going out from the
LAN to the WAN.
The Default Outbound Policy is shown in the LAN-WAN Rules table of the Firewall Rules sub-
menu (under Security on the main menu) in
4-2
Figure 4-1:
v1.0, April 2007
.
Security and Firewall Protection