DMZ Firewall Solution for the Express Router
07-12-99 Version 1.0 16
Filter Function Settings
Dest. address type: Host
Dest. address: 10.2.0.3
Dest. port > 1023
Src. address type: All
Src. port: = 25
15 Allows incoming News (NNTP) from a
specified external News server to the
DMZ (see note 2).
Action: Pass
Protocol: TCP
TCP flags: All
Dest. address type: Host
Dest. address: 10.2.0.4
Dest. port: = 119
Src. address type: Host
Src. address: 196.24.5.8
Src. port: > 1023
16 Allows outgoing News (NNTP) to a
specified external News server from the
DMZ.
Action: Pass
Protocol: TCP
TCP flags: ACK
Dest. address type: Host
Dest. address: 10.2.0.4
Dest. port: > 1023
Src. address type: Host
Src. address: 196.24.5.8
Src. port: 119
Note 1: Only passive FTP connections are supported. The HTTP/FTP proxy must be configured
to use a passive FTP connection.
Note 2: The filter is not required when using a News proxy server on DMZ.
3.3.3.2 Transmit (Tx) Filters on the Connection to the Internet
Set the default action to Pass.