Re: Locking All but some LAN to WAN traffic on P334

Author	All Replies
jbibe Premium,MVM join:2001-02-22 1 edit	reply to MrYogi Re: Locking All but some LAN to WAN traffic on P334 I gave an outline of one method of controlling all of the LAN to WAN traffic in one of your previous threads: »Re: What ports to block? You must decide exactly what you would like to accomplish. When you have an exact list, describe your desires in detail.
	to forum · permalink · · 2004-04-05 20:03:24 ·
MrYogi join:2003-03-28 Reston, VA	In your instructions, said by jbibe : 1. Set the LAN to WAN logging on the Firewall Settings screen to Log All. 2. Enable Services Blocking 3. Enable Everyday (in Day to Block) 4. Enable All Day (in Time of Day to Block) 5. Add the Services (ports) that you want to allow 6. Press Apply I am not able to understand # 5. Add the ports that you want to allow? Where do I add them? On the services screen, there are available services and blocked services. There is a way to add services(ports) to blocked services. There is no way to add specific ports to available services. Am I getting it right? Thank you
	to forum · permalink · · 2004-04-06 09:11:25 ·
Anav Sarcastic Llama? Naw, Just Acerbic Premium join:2001-07-16 Dartmouth, NS 2 edits	No you just have not hoisted in his methodology You are going to turn block services inside out! First enable the services Identify the services your are going to EVENTUALLY ALLOW by blocking them........ (think of it at this point as an identifying process if it helps....) Then your going into the CLI manual entry set, and change the current default for LAN to WAN from allow to block. Currently, all services from LAN to WAN are allowed. That is why block services is in place - BlOck Services is basically a way of providing LAN to WAN rules.................. Jbibe through the CLI set then changes the default setting to BLOCK ALL, instead of ALLOW all. These commands are not available on the Gui but exist in the router via manual methods. THEN he manually changes the rules for the services you have identified in the web GUI from BLOCK to FORWARD(allow). Now you have a LAN to WAN that is locked down, but allows those services you have identified to pass through.. Its simple, brilliant, and typical Jbibe. In your mind, change the words "BLOCK SERVICES" TO "LAN TO WAN RULES" Before LAN TO WAN - set to Allow All Block Services - LAN to WAN rules Off (not enabled) Default for Identified Services is Blocked After LAN to WAN - set to BLOCK All Block Services - LAN to WAN rules ON (EnABLED) Default for Identifed services is Allowed -- Ain't nuthin but the blues! "Albert Collins". Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"
	to forum · permalink · · 2004-04-06 09:20:53 ·
jbibe Premium,MVM join:2001-02-22	reply to MrYogi In the example, the initial setup allows all services you want to block, and blocks all of the services you want to allow. After that initial setup, CLI commands are used to reverse these actions. So you select the services you want to allow from the Service list, even though it says block. Are you planning to block some services for part of the day? For example, do you plan to block all access during the night? If so, then you cannot use the example.
	to forum · permalink · · 2004-04-06 09:23:40 ·
Anav Sarcastic Llama? Naw, Just Acerbic Premium join:2001-07-16 Dartmouth, NS 1 edit	Well thats another example JBIBE, I would say that the user should be able to delineate with the time/day/week function.. WHEN HE WANTS THOSE SERVICES FORWARDED My question is what happens when its outside the time/day/week , I would say that the services identified for forwarding would join the rest of the default and be blocked ie not forwarded..... -- Ain't nuthin but the blues! "Albert Collins". Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"
	to forum · permalink · · 2004-04-06 09:32:40 ·
jbibe Premium,MVM join:2001-02-22	I have not tested your example, but it probably works as you suggest.
	to forum · permalink · · 2004-04-06 09:41:59 ·
Anav Sarcastic Llama? Naw, Just Acerbic Premium join:2001-07-16 Dartmouth, NS	said by jbibe : I have not tested your example, but it probably works as you suggest. But of course, its Llama logic -- Ain't nuthin but the blues! "Albert Collins". Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"
	to forum · permalink · · 2004-04-06 10:00:03 ·


Sunday, 29-Nov 18:04:50	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF