SMC Networks Router SMCWBR14S-N2 User Manual

FIREWALL
4-49
Firewall
The Barricade Router’s firewall inspects packets at the application layer, 
maintains TCP and UDP session information including time-outs and the 
number of active sessions, and provides the ability to detect and prevent 
certain types of network attacks. 
Network attacks that deny access to a network device are called 
Denial-of-Service (DoS) attacks. DoS attacks are aimed at devices and 
networks with a connection to the Internet. Their goal is not to steal 
information, but to...

CONFIGURING THE BAR RICADE
4-50
Access Control
Access Control allows users to define the outgoing traffic permitted or 
not-permitted through the WAN interface. The default is to permit all 
outgoing traffic.
The following items are on the Access Control screen:  
Parameter Description
Enable Filtering 
FunctionEnable or Disable Access control function. 
Normal Filtering Table Displays descriptive list of Filtering rules defined.  

FIREWALL
4-51
To create a new access control rule:
1. Click Add PC on the Access Control screen. The Access Control Add 
PC screen will appear. 
2. Define the appropriate settings for client PC services.
3. Click OK and then click SAVE SETTINGS to save your settings. 

CONFIGURING THE BAR RICADE
4-52
MAC Filter
The MAC Filter allows you to define what client PC’s can access the 
Internet. When enabled only the MAC addresses defined in the MAC 
Filtering table will have access to the Internet. All other client devices will 
be denied access.
You can enter up to 32 MAC addresses in this table. 
 
1. MAC Address Control: select enable or disable.
2. MAC Filtering Table: enter the MAC address in the space provided. 

FIREWALL
4-53
URL Blocking
The Barricade allows the user to block access to web sites by entering 
either a full URL address or just a keyword. This feature can be used to 
protect children from accessing violent or pornographic web sites.
 
You can define up to 30 sites here.  

CONFIGURING THE BAR RICADE
4-54
Schedule Rule
You may filter Internet access for local clients based on rules. Each access 
control rule may be activated at a scheduled time. Define the schedule on 
the Schedule Rule screen, and apply the rule on the Access Control screen.
  

FIREWALL
4-55
Follow these steps to add a schedule rule:
 
1. Click Add Schedule Rule on the Schedule Rule screen. The Edit 
Schedule Rule screen will appear.
2. Define the appropriate settings for a schedule rule.
3. Click OK and then click SAVE SETTINGS to save your settings. 

CONFIGURING THE BAR RICADE
4-56
Intrusion Detection
• Intrusion Detection Feature
Stateful Packet Inspection (SPI) and Anti-DoS firewall protection 
(Default: Enabled) — The Intrusion Detection Feature of the Barricade 
Router limits access for incoming traffic at the WAN port. When the SPI 
feature is turned on, all incoming packets will be blocked except for those 
types marked in the Stateful Packet Inspection section. 
RIP Defect (Default: Enabled) — If an RIP request packet is not 
acknowledged to...

FIREWALL
4-57
•Stateful Packet Inspection 
This is called a “stateful” packet inspection because it examines the 
contents of the packet to determine the state of the communications; i.e., it 
ensures that the stated destination computer has previously requested the 
current communication. This is a way of ensuring that all communications 
are initiated by the recipient computer and are taking place only with  

CONFIGURING THE BAR RICADE
4-58
sources that are known and trusted from previous interactions. In addition 
to being more rigorous in their inspection of packets, stateful inspection 
firewalls also close off ports until connection to the specific port is 
requested. 
When particular types of traffic are checked, only the particular type of 
traffic initiated from the internal LAN will be allowed. For example, if the 
user only checks “FTP Service” in the Stateful Packet Inspection section, 
all incoming...