This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
advanced-firewall [2022/01/21 03:03] – formatting hogwild | advanced-firewall [2022/01/21 03:05] – deleted screenshot caption-it was redundant hogwild | ||
---|---|---|---|
Line 3: | Line 3: | ||
The Firewall page allows you to configure options to protect/ | The Firewall page allows you to configure options to protect/ | ||
- | {{: | + | {{: |
- | \\ | + | |
- | **WAN interfaces respond to ping and traceroute** - If enabled, allows your device to reply to certain ICMP/UDP packets from Internet hosts so that //ping //and // | + | |
- | **Limit communication to **- Specifies the maximum number of requests per second to which the Firewall will reply. Setting a limit number is recommended to prevent DDoS attacks.\\ | + | **Limit communication to **- Specifies the maximum number of requests per second to which the Firewall will reply. Setting a limit number is recommended to prevent DDoS attacks.\\ |
- | \\ | + | |
- | \\ | + | |
- | {{: | + | |
- | \\ | + | |
- | **Enable TCP SYN cookies** - Enabling this protects the router from SYN Flood attacks via the well-known "SYN cookies" | + | |
**Enable DCSP Fix** - This enables a workaround for a well-known issue related to DSCP (packet marking) when connected to the Comcast ISP. | **Enable DCSP Fix** - This enables a workaround for a well-known issue related to DSCP (packet marking) when connected to the Comcast ISP. | ||
- | **IPv6 IPSec Passthrough** - FIXME\\ \\ | + | **IPv6 IPSec Passthrough** - FIXME\\ \\ |
- | \\ | + | |
- | {{: | + | |
- | \\ | + | |
- | **NAT loopback** - also known as " | + | |
* All | * All | ||
Line 30: | Line 19: | ||
\\ | \\ | ||
- | Multicast\\ {{: | + | \\ {{: |
**Enable IGMP proxy** - Runs the IGMP (Internet Group Management Protocol) service on the router. | **Enable IGMP proxy** - Runs the IGMP (Internet Group Management Protocol) service on the router. | ||
Line 38: | Line 27: | ||
**Enable quick leave** - This is a feature of IGMP v2. This allows the router to stop the streaming of a multicast to an IP address as soon as that end device sends the quick leave IGMP packet. | **Enable quick leave** - This is a feature of IGMP v2. This allows the router to stop the streaming of a multicast to an IP address as soon as that end device sends the quick leave IGMP packet. | ||
- | **Custom Configuration** - This option allows you to set up advanced parameters for the IGMP proxy daemon. Please consult the official IGMP documentation before finalizing these settings.\\ | + | **Custom Configuration** - This option allows you to set up advanced parameters for the IGMP proxy daemon. Please consult the official IGMP documentation before finalizing these settings.\\ |
- | \\ | + | |
\\ {{: | \\ {{: | ||
Line 53: | Line 41: | ||
**Max clients -** Considering this is a lightwave protocol it works well for a limited number of clients, you might want to impose a maximum number.Specifies the maximum number of simultaneous Udpxy clients. | **Max clients -** Considering this is a lightwave protocol it works well for a limited number of clients, you might want to impose a maximum number.Specifies the maximum number of simultaneous Udpxy clients. | ||
- | **Udpxy port**- This is where you can consult the Udpxy information on your router.\\ | + | **Udpxy port**- This is where you can consult the Udpxy information on your router.\\ |
- | \\ | + | |
- | \\ | + | |
- | {{: | + | |
- | \\ | + | |
- | **Efficient Multicast Forwarding (IGMP Snooping) -** IGMP snooping is a way to have the switch (router) facilitating the discovery of multicast (IGMP) clients. Beware that enabling IGMP snooping might interfere with some multicast-based applications/ | + | |
- | **Force IGMPv2** - IGMPv2 enhances the IGMP communication supporting additional messages/ | + | **Force IGMPv2** - IGMPv2 enhances the IGMP communication supporting additional messages/ |
- | \\ | + | |