Manual:Network/Firewall

From Compex Wiki
Jump to: navigation, search

Firewall

The Network ➤ Firewall page contains the subpages for #General Settings, #Port Forwards, and #Traffic Rules.

General Settings

The firewall creates zones over the network interfaces to control network traffic flow.

The Network ➤ Firewall ➤ General Settings page contains the zone settings.

Zone Settings

CpxWRT Network Firewall Zone Setting.png

Enable SYN-flood protection: Checked by default.

Drop invalid packets: Unchecked by default.

Input: To accept by default.

Output: To accept by default.

Forward: To reject by default.

Zones

CpxWRT Network Firewall Zone.png


The Zones section showing the default settings for the firewall zones.

Port Forwards

Port forwarding allows remote computers on the Internet to connect to a specific computer or service within the private LAN.

The Network ➤ Firewall ➤ Port Forwards page lets you define the protocol and port number to access an internal IP address.

CpxWRT Network Firewall Port Forwarding.png

Adding a port forwarding rule.

Traffic Rules

The Network ➤ Firewall ➤ Traffic Rules page configures the traffic rules and source NAT.

Traffic Rules

Traffic rules define policies for packets travelling between different zones, for example to reject traffic between certain hosts or to open WAN ports on the router.

CpxWRT Network Traffic Rules.png

Firewall Traffic Rules with the default settings.

CpxWRT Network Open Ports.png

You can choose to open ports on the router or add new forwarding rules.

Source NAT

Source NAT is a specific form of masquerading which allows fine grained control over the source IP used for outgoing traffic, for example to map multiple WAN addresses to internal subnets.

CpxWRT Network Source NAT.png

Source NAT.