From the entire data stream passing through the IP router, the firewall filters out all data packets that have been targeted for special treatment.
The firewall only inspects the data packets that are routed by the IP router in the device. In general, these are data packets being exchanged between the internal networks (LAN, WLAN, DMZ) and the "outside world" via one of the WAN interfaces. Communication between the LAN and WLAN is not usually handled by the router, assuming that the LAN bridge allows a direct exchange. Thus the firewall rules do not apply here. The same applies to the so-called "internal services" such as Telnet, TFTP, SNMP and the web server for configuration via WEBconfig. The data packets for these services do not travel through the router and are therefore not affected by the firewall.
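The scoping described above can be expressed as a small audit helper. This is an added example, not LANCOM code: it is a simplified model of the paragraph, and the interface names, bridge group, device address, sample flows and the use of standard default ports for the internal services are all assumptions.

```python
import ipaddress

# Constructed topology (assumption): LAN-1 and WLAN-1 share one LAN bridge.
BRIDGE_GROUP = {"LAN-1": "BRG-1", "WLAN-1": "BRG-1", "DMZ": None, "WAN": None}
DEVICE_ADDRS = {ipaddress.ip_address("192.168.1.1")}  # the device itself
# Internal services named on the page, on their standard default ports.
INTERNAL_SERVICES = {("tcp", 23): "Telnet", ("udp", 69): "TFTP",
                     ("udp", 161): "SNMP", ("tcp", 80): "WEBconfig",
                     ("tcp", 443): "WEBconfig"}

def classify(flow):
    """Return (path, firewall_applies) for one flow under the simplified model."""
    dst = ipaddress.ip_address(flow["dst"])
    service = INTERNAL_SERVICES.get((flow["proto"], flow["dport"]))
    if dst in DEVICE_ADDRS and service:
        # Terminates on the device: never passes through the IP router.
        return ("internal-service:" + service, False)
    group_in = BRIDGE_GROUP[flow["in_if"]]
    group_out = BRIDGE_GROUP.get(flow.get("out_if"))
    if group_in is not None and group_in == group_out:
        # Exchanged directly over the LAN bridge, not routed.
        return ("bridged", False)
    return ("routed", True)

def unfiltered(flows):
    """Names and paths of flows that firewall rules do not cover."""
    result = []
    for flow in flows:
        path, firewall_applies = classify(flow)
        if not firewall_applies:
            result.append((flow["name"], path))
    return result

# Constructed sample flows.
FLOWS = [
    {"name": "lan-to-internet", "in_if": "LAN-1", "out_if": "WAN",
     "dst": "203.0.113.10", "proto": "tcp", "dport": 443},
    {"name": "wlan-to-lan-share", "in_if": "WLAN-1", "out_if": "LAN-1",
     "dst": "192.168.1.20", "proto": "tcp", "dport": 445},
    {"name": "lan-to-webconfig", "in_if": "LAN-1", "out_if": None,
     "dst": "192.168.1.1", "proto": "tcp", "dport": 443},
    {"name": "dmz-to-lan", "in_if": "DMZ", "out_if": "LAN-1",
     "dst": "192.168.1.20", "proto": "tcp", "dport": 22},
]

if __name__ == "__main__":
    for name, path in unfiltered(FLOWS):
        print(f"{name}: {path} (firewall rules do not apply)")
```

Flows reported by `unfiltered` have to be restricted by means other than firewall rules.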
The firewall in the device inspects the data packets using a number of lists, which are generated automatically from the firewall rules, the firewall actions triggered by them, or the active data connections:
When a data packet is to be routed via the IP router, the firewall uses the lists as follows:
The four lists obtain their information as follows:
All lists used by the firewall to inspect the data packets are therefore ultimately based on the firewall rules (see "Parameters of the firewall rules").
LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de