Ian Cowan
09-23-08, 02:58 PM
I use Kerio 2.1.5 Firewall
& i'm having some difficulty getting Richard Jones rule set to work
properly
I'm attaching some jpg's of rule sets so far.
My ISP uses dynamic DNS for broadband ADSL
the folling are mockups of screen prints
pointing the browser to
http://10.1.1.0/ gets to the speedstream 4200
Speedstream Router Management Interface
Speedstream Optusnet
Broadband
System Summary
System Type: SpeedStream 4200-Series
[ianSnip]
[ian also snipping MAC addresses]
Point to Point Connection Summary:
PPPoE 8/35 58.107.93.177
AccConn: rdl21.ba
Current Log Entries
0000-00-00 00:00:01 E |System |Current Mode:
Bridge-Router
0000-00-00 00:00:01 E |CWMP |CWMP agent cannot reach
the ACS named http://acs.optusnet.com.au:1111/ACS-INTF. Trying again
in 10 seconds
0000-00-00 00:00:01 E |DSL |Boost DSP
0000-00-00 00:00:01 E |DSL |DataPump Version -
04.02.01.00
0000-00-00 00:00:02 E |DSL |State: WAITING
0000-00-00 00:00:03 E |USB |Link Up
0000-00-00 00:00:03 E |DHCP Server |Address 10.1.1.3 given
out to 00:13:a3:61:60:f5
0000-00-00 00:00:03 E |DHCP Server |1 Address(es) leased
0000-00-00 00:00:08 E |DSL |State: INITIALIZING
0000-00-00 00:00:18 E |DHCP Server |Address 10.1.1.3 given
out to 00:13:a3:61:60:f5
0000-00-00 00:00:18 E |DHCP Server |1 Address(es) leased
0000-00-00 00:00:25 E |DSL |State: WAITING
0000-00-00 00:00:31 E |DSL |State: INITIALIZING
0000-00-00 00:00:33 E |DHCP Server |Address 10.1.1.3 given
out to 00:13:a3:61:60:f5
0000-00-00 00:00:33 E |DHCP Server |1 Address(es) leased
0000-00-00 00:00:37 E |DSL |State: WAITING
0000-00-00 00:00:43 E |DSL |State: INITIALIZING
0000-00-00 00:00:48 E |DHCP Server |Address 10.1.1.3 given
out to 00:13:a3:61:60:f5
0000-00-00 00:00:48 E |DHCP Server |1 Address(es) leased
0000-00-00 00:00:56 E |DSL |HYBRID 1
0000-00-00 00:00:56 E |DSL |Link up 1 US 759 DS 1434
(INTL:ADSL2)
0000-00-00 00:00:56 E |PPPoE |oe00: tx PADI, id: 0000,
ac: (NULL), sn: (NULL), MAC: [ianSnip]
0000-00-00 00:00:56 E |PPPoE |Sending PADT/LCP
Terminate for Session ID = F8BD
0000-00-00 00:00:56 E |PPPoE |oe00: rx AC Name:
rdl21.ba
0000-00-00 00:00:56 E |PPPoE |oe00: tx PADR, id: 0000,
ac: (NULL), sn: (NULL), MAC: [ianSnip]
0000-00-00 00:00:56 E |PPPoE |oe00: rx PADS id: F921
MAC [ianSnip]
0000-00-00 00:00:59 E |PPP |LCP neg PAP
0000-00-00 00:00:59 E |PPP |LCP up
0000-00-00 00:00:59 E |PPP |IPCP nak option: 3
0000-00-00 00:00:59 E |PPP |IPCP nak option: 129
0000-00-00 00:00:59 E |PPP |IPCP nak option: 131
0000-00-00 00:00:59 E |PPP |IPCP up ip:
58.107.93.177, gw: 198.142.130.18
0000-00-00 00:00:59 E |PPP |IPCP dns:
211.29.132.12, 198.142.0.51
0000-00-00 00:01:04 E |DHCP Server |Address 10.1.1.3 given
out to 00:13:a3:61:60:f5
0000-00-00 00:01:04 E |DHCP Server |1 Address(es) leased
0000-00-00 00:01:05 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:01:05 E |DHCP Server |0 Address(es) leased
0000-00-00 00:01:21 E |CWMP |CWMP agent cannot reach
the ACS named http://acs.optusnet.com.au:1111/ACS-INTF. Trying again
in 1 minute
0000-00-00 00:02:05 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:02:05 E |DHCP Server |0 Address(es) leased
0000-00-00 00:03:05 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:03:05 E |DHCP Server |0 Address(es) leased
0000-00-00 00:04:04 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:04:04 E |DHCP Server |0 Address(es) leased
0000-00-00 00:05:04 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:05:04 E |DHCP Server |0 Address(es) leased
0000-00-00 00:06:04 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:06:04 E |DHCP Server |0 Address(es) leased
0000-00-00 00:07:04 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:07:04 E |DHCP Server |0 Address(es) leased
0000-00-00 00:08:04 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:08:04 E |DHCP Server |0 Address(es) leased
0000-00-00 00:09:04 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:09:04 E |DHCP Server |0 Address(es) leased
0000-00-00 00:10:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:10:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:11:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:11:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:12:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:12:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:13:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:13:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:14:02 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:14:02 E |DHCP Server |0 Address(es) leased
0000-00-00 00:15:02 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:15:02 E |DHCP Server |0 Address(es) leased
0000-00-00 00:16:02 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:16:02 E |DHCP Server |0 Address(es) leased
0000-00-00 00:17:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:17:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:18:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:18:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:19:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:19:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:20:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:20:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:21:01 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:21:01 E |DHCP Server |0 Address(es) leased
0000-00-00 00:22:02 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:22:02 E |DHCP Server |0 Address(es) leased
0000-00-00 00:23:02 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:23:02 E |DHCP Server |0 Address(es) leased
0000-00-00 00:24:02 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:24:02 E |DHCP Server |0 Address(es) leased
0000-00-00 00:25:01 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:25:01 E |DHCP Server |0 Address(es) leased
0000-00-00 00:26:01 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
[ ianSnip similar lines ]
Log Display Options
Display All Log Entries
System Firewall ADS
Network ATM DSL
Ethernet USB Firmware
Config DHCP Server DHCP Client
PPP PPPoE UPnP
Diags NAT Owner DDNS Client
User Content Filter ARP
Telnet Admin Time Client
CWMP Agent Internet Gateway Device
Routes
Current Routing Table
Destination Netmask Gateway Flags Metric
Interface
127.0.0.0 255.0.0.0 127.0.0.1 1
lo0
10.1.1.0 255.255.255.0 10.1.1.1 1
LAN
Default Gateway 198.142.130.18 5
PPPoE 8/35
58.107.93.177 255.255.255.255 58.107.93.177 1
LAN
Flags legend: (R)ip route, (S)tatic
SETUP |
ppp
ISP Password
Setup for PPPoE 8/35 Access Concentrator: rdl21.ba
Username: ... me ...
Password:
Access
Concentrator (Optional)
Service Name (Optional)
[ian checked ] Auto-Connect on Disconnect
Use Idle Timeout 0 Minutes
Mode
Mode Selection
Select the operation mode:
[ian radio button checked] Optus Bridge
[ian radio button NOT checked] NAPT
[ian radio button NOT checked] Full Bridge
Remote Access
Remote Management Access
Username:
Password:
Application Port
HTTP
FTP
Telnet
Allow access for 20 minutes
User Profiles
Profile Wizard
Current Profiles
# Profile IP Address Actions
0
1
2
3
4
5
Force all users to be identified before surfing
WAN interface
WAN Interface Configuration Wizard
Current Configuration
# VC Type Name Actions
0 8/35 PPPoE PPPoE 8/35 Disable Delete
button button
1
2
3
4
5
6
7
*Checked interface is the default WAN interface
Host
Host Configuration
IP Address: 10.1.1.1
IP Netmask: 255.255.255.0
Default Gateway: or [ ticked ] Use WAN
Host Name: [ian set to Optusnet ]
DHCP
DHCP Configuration
DHCP Server: [ian radio button checked ] "Enable"
[ian radio button NOT checked ] "Disable"
[ian radio button NOT checked ] DHCP Relay
Relay IP: ian grayed 0.0.0.0
Client IP Address: 10.1.1.3
IP Netmask: [ian 255.255.255.0 ]
Default Gateway: [ian 10.1.1.1 ] or [radio button NOT
checked [Self]
DNS Server: [ian blank ] or [radio button CHECKED
[Self]
Primary or Self
DNS Server:
Secondary [ian blank ] (Optional)
Domain Name: [ ian it's set to "domain.invalid" without
quotes]
Lease Time (mins): [ian 1 ]
Requires a specified DNS or [radio button NOt Checked
"Infinite time"
Time Client
Configure Time Zone
Enable Time Client:
[ ian radio button Not Checked ] "No"
[ ian radio button CHECKED] "Yes"
Primary Server: [ ian time.optusnet.com.au ]
Secondary Server: [ian pool.ntp.org ] (Optional)
Select Time Zone: [ian is 0 ] (minutes from UTC)
ian note this is why DNS shows ISP is
located
in
sydney
Static Route Configuration
Currently Configured Static Routes
# Destination Net Mask Next Hop Interface
Edit Delete
Static Route list is empty.
Add Route
Destination Net Mask Next Hop Interface
[ian ---- select ---
with a drop down arrow ]
FIREWALL [ian 7 of these]
Firewall Level Configuration
Current Firewall level: [ian set to "Low" ]
Select Firewall Level: [ ian drop arrow but currently set to off
]
Firewall Snooze Control
Current Snooze interval: [ ian set "Off " "
[radio button ian NOT CHECKED Disable Snooze
[radio button ian NOT CHECKED ] Enable Snooze,
and set the Snooze time interval to:
(minutes)
[radio button ian NOT CHECKED ] Reset the Snooze time interval to:
(minutes)
DMZ
Firewall DMZ Configuration
Current DMZ Status: Enabled
Current DMZ Host IP Address: 58.107.93.177
[ian this radio button is CHECKED ] Disable DMZ
[radio button ian NOT CHECKED ] Enable DMZ with this Host IP
address: [ian 58.107.93.177 ]
[radio button ian NOT CHECKED ] Enable DMZ with this Host IP address
[ with a drop
down button "Select Host"]]
["refresh" button]
[radio button ian NOT CHECKED ] Make Settings Permanent
[radio button ian CHECKED ] Make Settings Last Until Modem Reboots
[radio button ian NOT CHECKED ] Make Settings Last For: [ ian 60 ]
minutes
["Apply" button] ["Reset" button]
filter Rules
Firewall IP Filter Configuration Wizard
Inbound IP Filter Rules
Rule
No. Protocol Destination Destination
Enable
Interface Address
Disable Delete
122 GRE any WAN Interface any
Protected Protected
124 50 any WAN Interface any
Protected Protected
Outbound IP Filter Rules
Rule
No. Protocol Source Source Enable
Interface Address
Disable Delete
120 any any WAN Interface any
Protected Protected
[ian then buttons]
"Add New IP Filter Rule"
"Clone IP FIlter Level"
"Delete All"
Log
Firewall Log
[ian shows "No Events."
ADS
Firewall Attack Detection System Configuration
Enable Attack Detection System [ian Checkbox CHECKED ]
After enabling the Attack Detection System,
select events below to filter and/or log:
[checkbox NOT CHECKED } "Filter All" [checkbox NOT CHECKED ]
"Log All"
all items have checked "Filter"
AND Log check boxes
Same Source and Destination Address
Broadcast Source Address
LAN Source Address On WAN
Invalid IP Packet Fragment
TCP NULL
TCP FIN
TCP Xmas
Fragmented TCP Packet
Fragmented TCP Header
Fragmented UDP Header
Fragmented ICMP Header
Inconsistent UDP/IP header lengths
Inconsistent IP header lengths
[ "apply" button]
********** end of Firewall options ******************
UPNP
UPnP Configuration
[ian radio button NOT CHECKED ] Disable UPnP
[ian radio button NOT CHECKED ] Enable Discovery and Advertisement
only (SSDP)
[ian radio button CHECKED!!! ] Enable full Internet Gateway Device
(IGD) support
Options:
[ian checkbox NOT CHECKED ] Enable access logging
[ian checkbox NOT CHECKED ] Read-only mode
RIP
RIP Configuration
RIP Version Active
Interface Disabled 1 2 1&2
Mode Multicast
Local Area Network [x] ian radio button checked]
PPPoE 8/35 [x] ian radio button checked]
radio buttons under RIP Active Mode &
Multicast NOT checked
"apply" and "reset" buttons
Server Ports
SpeedStream Gateway Server Ports
Application Port
HTTP 80
FTP 21
Telnet 23
"apply" and "reset" buttons
Dynamic DNS
Set Up Dynamic DNS
Dynamic DNS Client
[radio button ian CHECKED ] Disable
[radio button ian Not checked ] Enable
Service Username: [ ian blank ]
Service Password: [ ian blank ]
Host Name 1: [ ian blank ]
Host Name 2: [ ian blank ] (Optional)
"apply" and "reset" buttons
***************** end of the mock- up screen prints. ******
& i'm having some difficulty getting Richard Jones rule set to work
properly
I'm attaching some jpg's of rule sets so far.
My ISP uses dynamic DNS for broadband ADSL
the folling are mockups of screen prints
pointing the browser to
http://10.1.1.0/ gets to the speedstream 4200
Speedstream Router Management Interface
Speedstream Optusnet
Broadband
System Summary
System Type: SpeedStream 4200-Series
[ianSnip]
[ian also snipping MAC addresses]
Point to Point Connection Summary:
PPPoE 8/35 58.107.93.177
AccConn: rdl21.ba
Current Log Entries
0000-00-00 00:00:01 E |System |Current Mode:
Bridge-Router
0000-00-00 00:00:01 E |CWMP |CWMP agent cannot reach
the ACS named http://acs.optusnet.com.au:1111/ACS-INTF. Trying again
in 10 seconds
0000-00-00 00:00:01 E |DSL |Boost DSP
0000-00-00 00:00:01 E |DSL |DataPump Version -
04.02.01.00
0000-00-00 00:00:02 E |DSL |State: WAITING
0000-00-00 00:00:03 E |USB |Link Up
0000-00-00 00:00:03 E |DHCP Server |Address 10.1.1.3 given
out to 00:13:a3:61:60:f5
0000-00-00 00:00:03 E |DHCP Server |1 Address(es) leased
0000-00-00 00:00:08 E |DSL |State: INITIALIZING
0000-00-00 00:00:18 E |DHCP Server |Address 10.1.1.3 given
out to 00:13:a3:61:60:f5
0000-00-00 00:00:18 E |DHCP Server |1 Address(es) leased
0000-00-00 00:00:25 E |DSL |State: WAITING
0000-00-00 00:00:31 E |DSL |State: INITIALIZING
0000-00-00 00:00:33 E |DHCP Server |Address 10.1.1.3 given
out to 00:13:a3:61:60:f5
0000-00-00 00:00:33 E |DHCP Server |1 Address(es) leased
0000-00-00 00:00:37 E |DSL |State: WAITING
0000-00-00 00:00:43 E |DSL |State: INITIALIZING
0000-00-00 00:00:48 E |DHCP Server |Address 10.1.1.3 given
out to 00:13:a3:61:60:f5
0000-00-00 00:00:48 E |DHCP Server |1 Address(es) leased
0000-00-00 00:00:56 E |DSL |HYBRID 1
0000-00-00 00:00:56 E |DSL |Link up 1 US 759 DS 1434
(INTL:ADSL2)
0000-00-00 00:00:56 E |PPPoE |oe00: tx PADI, id: 0000,
ac: (NULL), sn: (NULL), MAC: [ianSnip]
0000-00-00 00:00:56 E |PPPoE |Sending PADT/LCP
Terminate for Session ID = F8BD
0000-00-00 00:00:56 E |PPPoE |oe00: rx AC Name:
rdl21.ba
0000-00-00 00:00:56 E |PPPoE |oe00: tx PADR, id: 0000,
ac: (NULL), sn: (NULL), MAC: [ianSnip]
0000-00-00 00:00:56 E |PPPoE |oe00: rx PADS id: F921
MAC [ianSnip]
0000-00-00 00:00:59 E |PPP |LCP neg PAP
0000-00-00 00:00:59 E |PPP |LCP up
0000-00-00 00:00:59 E |PPP |IPCP nak option: 3
0000-00-00 00:00:59 E |PPP |IPCP nak option: 129
0000-00-00 00:00:59 E |PPP |IPCP nak option: 131
0000-00-00 00:00:59 E |PPP |IPCP up ip:
58.107.93.177, gw: 198.142.130.18
0000-00-00 00:00:59 E |PPP |IPCP dns:
211.29.132.12, 198.142.0.51
0000-00-00 00:01:04 E |DHCP Server |Address 10.1.1.3 given
out to 00:13:a3:61:60:f5
0000-00-00 00:01:04 E |DHCP Server |1 Address(es) leased
0000-00-00 00:01:05 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:01:05 E |DHCP Server |0 Address(es) leased
0000-00-00 00:01:21 E |CWMP |CWMP agent cannot reach
the ACS named http://acs.optusnet.com.au:1111/ACS-INTF. Trying again
in 1 minute
0000-00-00 00:02:05 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:02:05 E |DHCP Server |0 Address(es) leased
0000-00-00 00:03:05 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:03:05 E |DHCP Server |0 Address(es) leased
0000-00-00 00:04:04 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:04:04 E |DHCP Server |0 Address(es) leased
0000-00-00 00:05:04 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:05:04 E |DHCP Server |0 Address(es) leased
0000-00-00 00:06:04 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:06:04 E |DHCP Server |0 Address(es) leased
0000-00-00 00:07:04 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:07:04 E |DHCP Server |0 Address(es) leased
0000-00-00 00:08:04 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:08:04 E |DHCP Server |0 Address(es) leased
0000-00-00 00:09:04 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:09:04 E |DHCP Server |0 Address(es) leased
0000-00-00 00:10:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:10:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:11:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:11:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:12:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:12:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:13:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:13:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:14:02 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:14:02 E |DHCP Server |0 Address(es) leased
0000-00-00 00:15:02 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:15:02 E |DHCP Server |0 Address(es) leased
0000-00-00 00:16:02 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:16:02 E |DHCP Server |0 Address(es) leased
0000-00-00 00:17:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:17:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:18:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:18:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:19:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:19:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:20:03 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:20:03 E |DHCP Server |0 Address(es) leased
0000-00-00 00:21:01 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:21:01 E |DHCP Server |0 Address(es) leased
0000-00-00 00:22:02 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:22:02 E |DHCP Server |0 Address(es) leased
0000-00-00 00:23:02 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:23:02 E |DHCP Server |0 Address(es) leased
0000-00-00 00:24:02 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:24:02 E |DHCP Server |0 Address(es) leased
0000-00-00 00:25:01 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
0000-00-00 00:25:01 E |DHCP Server |0 Address(es) leased
0000-00-00 00:26:01 E |DHCP Server |Address 58.107.93.177
given out to 00:13:a3:61:60:f5
[ ianSnip similar lines ]
Log Display Options
Display All Log Entries
System Firewall ADS
Network ATM DSL
Ethernet USB Firmware
Config DHCP Server DHCP Client
PPP PPPoE UPnP
Diags NAT Owner DDNS Client
User Content Filter ARP
Telnet Admin Time Client
CWMP Agent Internet Gateway Device
Routes
Current Routing Table
Destination Netmask Gateway Flags Metric
Interface
127.0.0.0 255.0.0.0 127.0.0.1 1
lo0
10.1.1.0 255.255.255.0 10.1.1.1 1
LAN
Default Gateway 198.142.130.18 5
PPPoE 8/35
58.107.93.177 255.255.255.255 58.107.93.177 1
LAN
Flags legend: (R)ip route, (S)tatic
SETUP |
ppp
ISP Password
Setup for PPPoE 8/35 Access Concentrator: rdl21.ba
Username: ... me ...
Password:
Access
Concentrator (Optional)
Service Name (Optional)
[ian checked ] Auto-Connect on Disconnect
Use Idle Timeout 0 Minutes
Mode
Mode Selection
Select the operation mode:
[ian radio button checked] Optus Bridge
[ian radio button NOT checked] NAPT
[ian radio button NOT checked] Full Bridge
Remote Access
Remote Management Access
Username:
Password:
Application Port
HTTP
FTP
Telnet
Allow access for 20 minutes
User Profiles
Profile Wizard
Current Profiles
# Profile IP Address Actions
0
1
2
3
4
5
Force all users to be identified before surfing
WAN interface
WAN Interface Configuration Wizard
Current Configuration
# VC Type Name Actions
0 8/35 PPPoE PPPoE 8/35 Disable Delete
button button
1
2
3
4
5
6
7
*Checked interface is the default WAN interface
Host
Host Configuration
IP Address: 10.1.1.1
IP Netmask: 255.255.255.0
Default Gateway: or [ ticked ] Use WAN
Host Name: [ian set to Optusnet ]
DHCP
DHCP Configuration
DHCP Server: [ian radio button checked ] "Enable"
[ian radio button NOT checked ] "Disable"
[ian radio button NOT checked ] DHCP Relay
Relay IP: ian grayed 0.0.0.0
Client IP Address: 10.1.1.3
IP Netmask: [ian 255.255.255.0 ]
Default Gateway: [ian 10.1.1.1 ] or [radio button NOT
checked [Self]
DNS Server: [ian blank ] or [radio button CHECKED
[Self]
Primary or Self
DNS Server:
Secondary [ian blank ] (Optional)
Domain Name: [ ian it's set to "domain.invalid" without
quotes]
Lease Time (mins): [ian 1 ]
Requires a specified DNS or [radio button NOt Checked
"Infinite time"
Time Client
Configure Time Zone
Enable Time Client:
[ ian radio button Not Checked ] "No"
[ ian radio button CHECKED] "Yes"
Primary Server: [ ian time.optusnet.com.au ]
Secondary Server: [ian pool.ntp.org ] (Optional)
Select Time Zone: [ian is 0 ] (minutes from UTC)
ian note this is why DNS shows ISP is
located
in
sydney
Static Route Configuration
Currently Configured Static Routes
# Destination Net Mask Next Hop Interface
Edit Delete
Static Route list is empty.
Add Route
Destination Net Mask Next Hop Interface
[ian ---- select ---
with a drop down arrow ]
FIREWALL [ian 7 of these]
Firewall Level Configuration
Current Firewall level: [ian set to "Low" ]
Select Firewall Level: [ ian drop arrow but currently set to off
]
Firewall Snooze Control
Current Snooze interval: [ ian set "Off " "
[radio button ian NOT CHECKED Disable Snooze
[radio button ian NOT CHECKED ] Enable Snooze,
and set the Snooze time interval to:
(minutes)
[radio button ian NOT CHECKED ] Reset the Snooze time interval to:
(minutes)
DMZ
Firewall DMZ Configuration
Current DMZ Status: Enabled
Current DMZ Host IP Address: 58.107.93.177
[ian this radio button is CHECKED ] Disable DMZ
[radio button ian NOT CHECKED ] Enable DMZ with this Host IP
address: [ian 58.107.93.177 ]
[radio button ian NOT CHECKED ] Enable DMZ with this Host IP address
[ with a drop
down button "Select Host"]]
["refresh" button]
[radio button ian NOT CHECKED ] Make Settings Permanent
[radio button ian CHECKED ] Make Settings Last Until Modem Reboots
[radio button ian NOT CHECKED ] Make Settings Last For: [ ian 60 ]
minutes
["Apply" button] ["Reset" button]
filter Rules
Firewall IP Filter Configuration Wizard
Inbound IP Filter Rules
Rule
No. Protocol Destination Destination
Enable
Interface Address
Disable Delete
122 GRE any WAN Interface any
Protected Protected
124 50 any WAN Interface any
Protected Protected
Outbound IP Filter Rules
Rule
No. Protocol Source Source Enable
Interface Address
Disable Delete
120 any any WAN Interface any
Protected Protected
[ian then buttons]
"Add New IP Filter Rule"
"Clone IP FIlter Level"
"Delete All"
Log
Firewall Log
[ian shows "No Events."
ADS
Firewall Attack Detection System Configuration
Enable Attack Detection System [ian Checkbox CHECKED ]
After enabling the Attack Detection System,
select events below to filter and/or log:
[checkbox NOT CHECKED } "Filter All" [checkbox NOT CHECKED ]
"Log All"
all items have checked "Filter"
AND Log check boxes
Same Source and Destination Address
Broadcast Source Address
LAN Source Address On WAN
Invalid IP Packet Fragment
TCP NULL
TCP FIN
TCP Xmas
Fragmented TCP Packet
Fragmented TCP Header
Fragmented UDP Header
Fragmented ICMP Header
Inconsistent UDP/IP header lengths
Inconsistent IP header lengths
[ "apply" button]
********** end of Firewall options ******************
UPNP
UPnP Configuration
[ian radio button NOT CHECKED ] Disable UPnP
[ian radio button NOT CHECKED ] Enable Discovery and Advertisement
only (SSDP)
[ian radio button CHECKED!!! ] Enable full Internet Gateway Device
(IGD) support
Options:
[ian checkbox NOT CHECKED ] Enable access logging
[ian checkbox NOT CHECKED ] Read-only mode
RIP
RIP Configuration
RIP Version Active
Interface Disabled 1 2 1&2
Mode Multicast
Local Area Network [x] ian radio button checked]
PPPoE 8/35 [x] ian radio button checked]
radio buttons under RIP Active Mode &
Multicast NOT checked
"apply" and "reset" buttons
Server Ports
SpeedStream Gateway Server Ports
Application Port
HTTP 80
FTP 21
Telnet 23
"apply" and "reset" buttons
Dynamic DNS
Set Up Dynamic DNS
Dynamic DNS Client
[radio button ian CHECKED ] Disable
[radio button ian Not checked ] Enable
Service Username: [ ian blank ]
Service Password: [ ian blank ]
Host Name 1: [ ian blank ]
Host Name 2: [ ian blank ] (Optional)
"apply" and "reset" buttons
***************** end of the mock- up screen prints. ******