Air Live Router WL-1000UR User Manual
Have a look at the manual Air Live Router WL-1000UR User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 15 Air Live manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
31 4.6.1 Packet Filter Packet Filter enables you to control what packets ar e allowed to pass the router. Outbound filter applies on all outbound packets. However, Inbound filter applie s on packets that destined to Virtual Servers or DMZ host only. You can select one of the two filtering policies: 1. Allow all to pass except those match the specified rules 2. Deny all to pass except those match the specified rules You can specify 8 rules for each direction: inboun d or outbound. For each rule, you can define the following: • Source IP address • Source port address • Destination IP address • Destination port address • Protocol: TCP or UDP or both. • Use Rule# For source or destination IP address, you can define a single IP address (4.3.2.1) or a range of IP addresses (4.3.2.1-4.3.2.254). An empty implies all IP addresses.
32 For source or destination port, you can define a single port (80) or a range of ports (1000-1999). Add prefix T or U to specify TCP or UDP protocol . For example, T80, U53, U2000-2999. No prefix indicates both TCP and UDP are defined. An empty implies all port addresses. Packet Filter can work with Scheduling Rules , and give user more flexibility on Access control. For Detail, please refer to Scheduling Rule . Each rule can be enabled or disabled individually. Inbound Filter: To enable Inbound Packet Filter click the check box next to Enable in the Inbound Packet Filter field. Suppose you have SMTP Server (25), POP Server (1 10), Web Server (80), FTP Server (21), and News Server (119) defined in Virtual Server or DMZ Host. Example 1: (1.2.3.100-1.2.3.149) They are allow to send mail (port 25), receive mail (port 110), and browse the Internet (port 80) (1.2.3.10-1.2.3.20) They can do everything (block nothing) Others are all blocked.
33 Example 2: (1.2.3.100-1.2.3.119) They can do everything except read net news (port 119) and transfer files via FTP (port 21) Others are all allowed. After Inbound Packet Filter setting is configured, click the save button. Outbound Filter: To enable Outbound Packet Filter click the check box next to Enable in the Outbound Packet Filter field.
34 Example 1: (192.168.1.100-192.168.1.149) They are allowed to send mail (port 25), receive mail (port 110), and browse Internet (port 80); port 53 (DNS) is necessary to resolve the domain name. (192.168.1.10-192.168.1.20) They c an do everything (block nothing) Others are all blocked.
35 Example 2: (192.168.1.100-192.168.1.119) They can do everything except read net news (port 119) and transfer files via FTP (port 21) Others are allowed After Outbound Packet Filter setting is configured, click the save button.
36 4.6.2 Domain Filter Domain Filter Let you prevent users under this devic e from accessing specific URLs. Domain Filter Enable Check if you want to enable Domain Filter. Log DNS Query Check if you want to log the action when someone accesses the specific URLs. Privilege IP Addresses Range Setting a group of hosts and privilege these host s to access network without restriction. Domain Suffix A suffix of URL to be restricted. For example, .com, xxx.com. Action When someone is accessing the URL met the domain-suffix, what kind of action you want. Check drop to block the access. Check log to log these access. Enable Check to enable each rule.
37 Example: In this example: 1. URL include “www.msn.com” will be blocked, and the action will be record in log-file. 2. URL include “www.sina.com” will not be block ed, but the action will be record in log-file. 3. URL include “www.google.com” will be blocked, but the action will not be record in log-file. 4. IP address X.X.X.1~ X.X.X.20 can access network without restriction.
38 4.6.3 URL Blocking URL Blocking will block LAN computers to co nnect to pre-defined Websites. The major difference between “Domain filter” and “URL Blocking” is Domain filter require user to input suffix (like .com or .org, etc), while URL Blocking r equire user to input a keyword only. In other words, Domain filter can block specific website, while UR L Blocking can block hundreds of websites by simply a keyword . URL Blocking Enable Checked if you want to enable URL Blocking. URL If any part of the Websites URL matches the pre-defined word, the connection will be blocked. For example, you can use pre-defined word sex to bl ock all websites if their URLs contain pre-defined word sex. Enable Checked it to enable each rule.
39 In this example: 1. URL include “msn” will be blocked, and the action will be record in log-file. 2. URL include “sina” will be blocked, but the action will be record in log-file 3. URL include “cnnsi” will not be blocked, but the action will be record in log-file. 4. URL include “espn” will be blocked, but the action will be record in log-file
40 4.6.4 MAC Address Control MAC Address Control allows you to assign different access right for different users and to assign a specific IP address to a certain MAC address. MAC Address Control Check “Enable” to enable the “MAC Address Control”. All of the settings in this page will take effect only when “Enable” is checked. Connection control Check Connection control to enabl e the controlling of which wired and wireless clients can connect to this devic e. If a client is denied to connect to this device, it means the client cant access to the Internet either. Choose allow or deny to allow or deny t he clients, whose MAC addresses are not in the Control table (please see be low), to connect to this device. Association control Check Association control to enabl e the controlling of which wireless client can associate to the wireless LA N. If a client is denied to associate to the wireless LAN, it means the c lient cant send or receive any data via this device. Choose allow or deny to allow or deny the clients, whose MAC addresses are not in the Control t able, to associate to the wireless LAN.