Configuring IP Filters
141
Configuring IP Filter Global Settings
The [IP Filter Configuration] page enables you to configure
the following global IP filter settings.
[Security Level:]
This setting determines which IP filter rules take effect, based
on the security level specified in each rule. For example, when
[High] is selected, only those rules that are assigned a High
security value will be effective. The same is true for the [Medium]
and [Low] settings. When [None] is selected, IP filtering is disabled.
[Private Default Action:], [Public Default Action:],
[DMZ Default Action:]
These settings specify a default action ([Accept] or [Deny]) to be
taken on Private, Public or DMZ type device interfaces when they
receive packets that do not match any of the filtering rules. You
can specify a different default action for each interface type. (You
specify an interface's type when you create the interface; see the
PPP configuration page, for example.)
-
A Public interface typically connects to the Internet. PPP,
EoA, and IPoA interfaces are typically public. Packets
received on a public interface are subject to the most
restrictive set of firewall protections defined in the software.
Typically, the global setting for public interfaces is [Deny],
so that all accesses to your LAN initiated from external
computers are denied (discarded at the public interface),
except for those allowed by a specific IP filter rule.