35
Firewall Tab
This chapter describes the 2Wire gateway firewall features, and provides detailed instructions on how to
modify the firewall settings.
Firewall Features
The 2Wire gateway has a professional-grade firewall to help prevent unauthorized users from accessing
your local network. The 2Wire gateway firewall includes the following features:
Stateful packet inspection.
Blocks common Denial of Service attacks (such as SYN/FIN flooding or Smurf),
and detects and logs TCP and UDP port scans.
Stateless packet inspection.
Filters specific NetBios traffic, suspicious packets and IP fragments; blocks
packets sent from the private network to the Internet that have spoofed IP addresses.
Network Address Translation (NAT).
Translates a local network’s IP address to an external address
maintained by the 2Wire gateway, effectively “hiding” the existence of a home network to the Internet. The
2Wire gateway then uses this external address to communicate with the Internet on behalf of devices
connected to the local network.
Port Address Translation (PAT).
A function provided by some routers which allows hosts on a LAN to
communicate with the rest of a network (such as the Internet) without revealing their own private IP
address. All outbound packets have their IP address translated to the router’s external IP address. Replies
come back to the router, which then translates them back into the private IP address of the original host for
final delivery. During PAT, each computer on the LAN is translated to the same IP address, but with a
different port number assignment.
Inbound and outbound port blocking.
Blocks common inbound and outbound protocol types from passing
information to or receiving information from the Internet.