by default, the fvm318 regulates inbound and outbound traffic in these ways:
1 inbound: block all access from outside except responses to requests from the lan side.
2 outbound: allow all access from the lan side to the outside.
you may define exceptions to the default outbound settings by adding block services definitions to the outbound services table. in this way, you can block or allow access based on the service or application destination ip addresses, and time of day. you can also choose to log traffic that matches or does not match what you have defined.
procedure 4-4: configuring services blocking
1.log in to the firewall at its default lan address of http://192.168.0.1 with its default user name of admin, default password of password, or using whatever password and lan address you have chosen for the firewall.
2.click the block services link of the security section of the main menu to display this screen.
figure 4-3: block services menu
1 to create a new block services rule, click the add button.
2 to edit an existing block services rule, select its button on the left side of the table and click edit.
3 to delete an existing block services rule, select its button on the left side of the table and click delete.
3.modify the menu below to define or edit how a service is regulated.
figure 4-4: add block services menu
the parameters are:
1 service.
from this list, select the application or service to be allowed or blocked. the list already displays many common services, but you are not limited to these choices. use the add services menu to add any additional services or applications that do not already appear.
2 action.
choose how you would like this type of traffic to be handled. you can block or allow always, or you can choose to block or allow according to the schedule you have defined in the schedule menu.
3 lan users address.
specify traffic originating on the lan (outbound), and choose whether you would like the traffic to be restricted by source ip address. you can select any, a single address, or a range. if you select a range of addresses, enter the range in the start and finish boxes. if you select a single address, enter it in the start box.
4 log.
you can select whether the traffic will be logged. the choices are:
1 never - no log entries will be made for this service.
2 always - any traffic for this service type will be logged.
3 match - traffic of this type which matches the parameters and action will be logged.
4 not match - traffic of this type which does not match the parameters and action will be logged.
4.click apply to save your definition.