DMZ Firewall Solution for the Express Router
07-12-99 Version 1.0 27
Filter Function Settings
14 Allows outgoing mail (SMTP) to any
host on the Internet from the DMZ.
Action: Pass
Protocol: TCP
TCP flags: ACK
Dest. address type: Host
Dest. address: 193.84.251.3
Dest. port > 1023
Src. address type: All
Src. port: = 25
15 Allows incoming News (NNTP) from a
specified external News server to the
DMZ (see note 2).
Action: Pass
Protocol: TCP
TCP flags: All
Dest. address type: Host
Dest. address: 193.84.251.4
Dest. port: = 119
Src. address type: Host
Src. address: 196.24.5.8
Src. port: > 1023
16 Allows outgoing News (NNTP) to a
specified external News server from the
DMZ.
Action: Pass
Protocol: TCP
TCP flags: ACK
Dest. address type: Host
Dest. address: 193.84.251.4
Dest. port: > 1023
Src. address type: Host
Src. address: 196.24.5.8
Src. port: = 119
Note 1: Only passive FTP connections are supported. The HTTP/FTP proxy must be configured
to use a passive FTP connection.
Note 2: The filter is not required when using a News proxy server on DMZ.
4.4.3.2 Transmit (Tx) Filters on the Connection to the Internet
Set the default action to Pass. No individual filters are required.