Configure Firewall for TalkTalk Broadband Huawei Echolife Router
One of chosen wireless router by TalkTalk is Huawei Echolife Router. Huawei is China-based telecommunication solution provider. With regard to the firewall function of this product is very unusual. We may feel power of the notorious Great Firewall of China (GFW) through this Huawei Echolife Wireless router, which has many levels and selections of settings of the firewall function.
Your router may be of different type, but reading this article will also help you understand the firewall that stand between your local area network and the outside world: --
The firewall function can be classified into six sub-functions: MAC filtering, IP filtering, URL filtering, Application filtering, DOS attack, and ACL. The firewall level is a common property of the preceding six sub-functions. If you change the setting of the firewall level, the setting takes effect on all the six sub-functions.
The firewall has seven levels: Disable, Block_All, High, Middle, Low, Standard, and Custom. To disable the firewall function, you can select Disable. The filtering degree of the firewall decreases in the sequence of Block_All, High, Middle, and Low. By default, the firewall level is set to Standard. The customized level, In other words, you can customize the firewall level as required.
MAC Filtering
If you select the MAC filtering check box, the gateway filters the packets transmitted from the source MAC address to the destination MAC address. Through time control, the MAC filtering can be implemented during a specified period. When there are multiple filtering rules, you can define the priorities of these rules. When Disable is displayed in Status, it indicates that the rule is disabled. Accept indicates that the packets that conform to the rule are allowed to pass. Reject indicates that the packets that conform to the rule are not allowed to pass.
IP Filtering
If you select the IP Filtering check box, the gateway filters the packets transmitted from the port range of the source IP address segment to the port range of the destination IP address segment. The protocol can be set to TCP, UDP, ICMP, TCP/UDP, or ALL. The source IP address segment ranges from the source start address to the source end address; the source port range is from the source start port to the source end port; the destination IP address segment ranges from the destination start address to the destination end address; the destination port range is from the destination start port to the destination end port. The interface indicates the direction from which the packet enters. You can define the priorities of the filtering rules. When Disable is displayed in Status, it indicates that the rule is disabled. Accept indicates that the packets that conform to the rule are allowed to pass. Reject indicates that the packets that conform to the rule are not allowed to pass.
URL Filtering
If you select the URL filtering check box, the gateway controls the access to Web sites. A URL is the domain name of a Web site. You can define the priorities of the filtering rules. When Disable is displayed in Status, it indicates that the rule is disabled. Accept indicates that the packets that conform to the rule are allowed to pass. Reject indicates that the packets that conform to the rule are not allowed to pass.
Application Filtering
If you select the Application filtering check box, the gateway controls the access to applications, such as the FTP, SSH, and Telnet applications, which pass through the gateway. When Disable is displayed in Status, it indicates that the rule is disabled. Accept indicates that the packets that comply with the rule are allowed to pass. Reject indicates that the packets that conform to the rule are not allowed to pass.
DOS Attack
If you select the DOS attack check box, the gateway prevents the DOS attack from the external network to the internal network. The DOS attack includes the ICMP flooding attack, SYN flooding attack, and ARP attack.
ACL
If you select the ACL check box, the gateway controls the access from the LAN and the WAN to the gateway. A service type is the type of an application service, such as HTTP, TELNET, ICMP, etc. The access direction indicates that the access is initiated from the LAN or the WAN. The source IP address segment that can access the gateway ranges from the start IP address to the end IP address. The access control list (ACL) is a whitelist. In other words, all configured rules are allowed to be accessed by default. The general rule, however, is to reject all the application services in the drop-down list by default.