I've just bought a DLink DSL-504 router off ebay, and am having a lot of
troubles with it. I've got it working with no firewall enabled - ie. I can
use the internet on all computers on my home network. However, the
interface for configuring the firewall is so un-intuitive! Has anyone any
experience in setting this firewall up? I want to have everything blocked -
except certain specified ports (for now, let's just say port 80), and only
on a certain computer on the network. How would I do this? I found one
example on the internet, but that has the subnet mask as 0,0,0,0 on some of
the options. On my version, there is no 0,0,0,0 in the combobox.

I've also tried downgrading the firmware to the version we use at work (the
firewall page is completely different). But halfway through the firmware
upload a popup box says "Upload Failed". I've tried various firmwares, and
they all fail! Anyone experience this?

Below is a link to a screenshot of the firewall configuration page. Ignore
the values I've already put in - I was just playing around trying to get it
to work.

http://www.dracan.x-1.net/firewall.jpg


Thanks for any help with this, as it's driving me nuts! :o|

Dan.

Do you want to block outgoing access as well as incoming?

If you only want to block incoming, I have found it better on the 504's to
not use the Firewalling/Filtering at all and just set the DMZ IP address to
a non-existent or unused address on you local LAN. The DMZ IP is under NAT
Configuration and specifies the IP to send any unmatched traffic to.... so
basically any traffic that is not defined in the Port Redirection area is
sent to a non-existent IP and thus it show as stealth mode on the firewall
checking programs I have used.

For the web server you just setup port redirection for port 80 to the IP of
your web server..

If you do want to block outgoing as well, then you will first need to
activate the firewalling/filtering (it is disabled in the screen shot you
posted) and it also looks like you have mixed up the in and out names (not
that it matters). Your source for incoming will be ANY (0.0.0.0/32) and the
destination will be your internal server IP. The source for outgoing will
be your local LAN subnet (e.g. 192.168.0.0/24) and the destination will be
ANY (0.0.0.0/32).

The Australian Dlink site has and example doco for Advanced Filtering (
http://www.dlink.com.au/tech/drivers/files/routers/DSL-50x_Filter_Example_fw221.zip )

Good luck.

Dunska.

"Dan" <dan@nospam.com> wrote in message
news:btgolg$b16$1$8300dec7@news.demon.co.uk... I've just bought a DLink DSL-504 router off ebay, and am having a lot of troubles with it. I've got it working with no firewall enabled - ie. I
can use the internet on all computers on my home network. However, the interface for configuring the firewall is so un-intuitive! Has anyone any experience in setting this firewall up? I want to have everything
blocked - except certain specified ports (for now, let's just say port 80), and only on a certain computer on the network. How would I do this? I found one example on the internet, but that has the subnet mask as 0,0,0,0 on some
of the options. On my version, there is no 0,0,0,0 in the combobox. I've also tried downgrading the firmware to the version we use at work
(the firewall page is completely different). But halfway through the firmware upload a popup box says "Upload Failed". I've tried various firmwares,
and they all fail! Anyone experience this? Below is a link to a screenshot of the firewall configuration page.
Ignore the values I've already put in - I was just playing around trying to get
it to work. http://www.dracan.x-1.net/firewall.jpg Thanks for any help with this, as it's driving me nuts! :o| Dan.

Hi, thanks for the info. I've got it all sorted now. The screenshot I
posted was just to show the UI interface - so that people who didn't have
the same router, but knew a lot about routers, would still be able to help.
The values in there were just from me playing around, and I knew they didn't
work (which is why it was disabled :o)). I see what you mean about it being
simpler to use the DMZ option - I've got about 30 firewall rules set now!
:o)

Thanks again,
Dan.




"Shane G" <dunska@swiftdsl.NOSPAM.com.au> wrote in message
news:40054729$0$22624$61ce578d@news.syd.swiftdsl.com.au... Do you want to block outgoing access as well as incoming? If you only want to block incoming, I have found it better on the 504's to not use the Firewalling/Filtering at all and just set the DMZ IP address
to a non-existent or unused address on you local LAN. The DMZ IP is under
NAT Configuration and specifies the IP to send any unmatched traffic to.... so basically any traffic that is not defined in the Port Redirection area is sent to a non-existent IP and thus it show as stealth mode on the firewall checking programs I have used. For the web server you just setup port redirection for port 80 to the IP
of your web server.. If you do want to block outgoing as well, then you will first need to activate the firewalling/filtering (it is disabled in the screen shot you posted) and it also looks like you have mixed up the in and out names (not that it matters). Your source for incoming will be ANY (0.0.0.0/32) and
the destination will be your internal server IP. The source for outgoing will be your local LAN subnet (e.g. 192.168.0.0/24) and the destination will be ANY (0.0.0.0/32). The Australian Dlink site has and example doco for Advanced Filtering (
http://www.dlink.com.au/tech/drivers/files/routers/DSL-50x_Filter_Example_fw221.zip ) Good luck. Dunska. "Dan" <dan@nospam.com> wrote in message news:btgolg$b16$1$8300dec7@news.demon.co.uk... I've just bought a DLink DSL-504 router off ebay, and am having a lot of troubles with it. I've got it working with no firewall enabled - ie. I can use the internet on all computers on my home network. However, the interface for configuring the firewall is so un-intuitive! Has anyone
any experience in setting this firewall up? I want to have everything blocked - except certain specified ports (for now, let's just say port 80), and
only on a certain computer on the network. How would I do this? I found one example on the internet, but that has the subnet mask as 0,0,0,0 on some of the options. On my version, there is no 0,0,0,0 in the combobox. I've also tried downgrading the firmware to the version we use at work (the firewall page is completely different). But halfway through the
firmware upload a popup box says "Upload Failed". I've tried various firmwares, and they all fail! Anyone experience this? Below is a link to a screenshot of the firewall configuration page. Ignore the values I've already put in - I was just playing around trying to get it to work. http://www.dracan.x-1.net/firewall.jpg Thanks for any help with this, as it's driving me nuts! :o| Dan.