A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.comp.home-networking (UK home networking)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.comp.home-networking (UK home networking) (uk.comp.home-networking) Discussion of all aspects of computer networking in the home, regardless of the platforms, software, topologies and protocols used. Examples of topics include recommendations for hardware or suppliers (e.g. NICs and cabling), protocols, servers, and specific network software. Advertising is not allowed.

"Call filter" and "Data filter", firewall clarification wanted please



 
 
Thread Tools Display Modes
  #1  
Old April 13th 08, 01:08 PM posted to uk.comp.home-networking
[email protected]
external usenet poster
 
Posts: 180
Default "Call filter" and "Data filter", firewall clarification wanted please

My new Draytek Vigor 2820n has what it calls "Call Filter" and "Data
Filter" in its firewall setup. The manual says:-

Call Filter - When there is no existing Internet connection, Call
Filter is applied to all traffic, all of which should be outgoing.
It will check packets according to the filter rules. If legal,
the packet will pass. Then the router shall “initiate a call”
to build the Internet connection and send the packet to Internet.

Data Filter - When there is an existing Internet connection, Data
Filter is applied to incoming and outgoing traffic. It will check
packets according to the filter rules. If legal, the packet will
pass the router.


I don't really follow the above, can anyone clarify or point me at a
fuller explanation somewhere please. In particular what does it mean
(in this context) by an "Internet connection"? Does it mean the state
of the ADSL connection - that doesn't really make sense because it's
always up unless something has gone wrong. Alternatively does it mean
a particular 'conversation' with a remote system - still doesn't make
much sense to me because (for example) UDP is stateless so there is no
concept of a connection, and why should only outgoing traffic be
allowed?

All in all I'm confused! :-)

I have set up the firewall quite successfully by setting up the Data
Filter with the rules I used for previous routers, that seems to have
produced the result I want. I have ignored the Call Filter.


--
Chris Green
  #2  
Old April 15th 08, 09:21 AM posted to uk.comp.home-networking
Chris Davies
external usenet poster
 
Posts: 444
Default "Call filter" and "Data filter", firewall clarification wanted please

wrote:
My new Draytek Vigor 2820n has what it calls "Call Filter" and "Data
Filter" in its firewall setup. The manual says:-


Call Filter - When there is no existing Internet connection, Call
Filter is applied to all traffic, all of which should be outgoing. It
will check packets according to the filter rules. If legal, the packet
will pass. Then the router shall “initiate a call” to build the
Internet connection and send the packet to Internet.


This is for a situation where the router has not yet established the ADSL
connection to your ISP. It allows you to control which traffic should
initiate this connection. (Think of time-based charging such as ISDN,
or where there is a call setup charge and/or traffic costs are so high
that you don't want to establish a connection unnecessarily.)


Data Filter - When there is an existing Internet connection, Data
Filter is applied to incoming and outgoing traffic. It will check
packets according to the filter rules. If legal, the packet will pass
the router.


Once a connection has been made, you may not worry too much about what
data passes over the link. This ruleset allows you to determine what
traffic is allowed through the router.


In particular what does it mean (in this context) by an "Internet
connection"? Does it mean the state of the ADSL connection


Yes


I have set up the firewall quite successfully by setting up the Data
Filter with the rules I used for previous routers, that seems to have
produced the result I want. I have ignored the Call Filter.


Sounds about right. Not that I have a Draytek, though (I'm basing my
answers on "old fashioned" ppp with dial-on-demand).

Chris
  #3  
Old April 15th 08, 10:16 AM posted to uk.comp.home-networking
[email protected]
external usenet poster
 
Posts: 180
Default "Call filter" and "Data filter", firewall clarification wanted please

Chris Davies wrote:
wrote:
My new Draytek Vigor 2820n has what it calls "Call Filter" and "Data
Filter" in its firewall setup. The manual says:-


Call Filter - When there is no existing Internet connection, Call
Filter is applied to all traffic, all of which should be outgoing. It
will check packets according to the filter rules. If legal, the packet
will pass. Then the router shall “initiate a call” to build the
Internet connection and send the packet to Internet.


This is for a situation where the router has not yet established the ADSL
connection to your ISP. It allows you to control which traffic should
initiate this connection. (Think of time-based charging such as ISDN,
or where there is a call setup charge and/or traffic costs are so high
that you don't want to establish a connection unnecessarily.)

Ah, OK, it does mean what it says then. It's just rather strange in
the UK/ADSL situation where connections are nearly all "always on". I
think, as you say, it's probably mostly for ISDN and such (which some
varieties of the 2820 do support) where the router does initiate
connections on a frequent basis.

Data Filter - When there is an existing Internet connection, Data
Filter is applied to incoming and outgoing traffic. It will check
packets according to the filter rules. If legal, the packet will pass
the router.


Once a connection has been made, you may not worry too much about what
data passes over the link. This ruleset allows you to determine what
traffic is allowed through the router.

Yes, my guess that it was this section where I should put my 'normal'
firewall rules seems to be working.


In particular what does it mean (in this context) by an "Internet
connection"? Does it mean the state of the ADSL connection


Yes


I have set up the firewall quite successfully by setting up the Data
Filter with the rules I used for previous routers, that seems to have
produced the result I want. I have ignored the Call Filter.


Sounds about right. Not that I have a Draytek, though (I'm basing my
answers on "old fashioned" ppp with dial-on-demand).

Yes, as I said it seems to be doing what I want.

It's just that all previous ADSL routers I have set up (that's three
different ones) just had one set of firewall rules which, in the above
classification, would be "Data Filter". If the manual had made it
clear that the "Data Filter" was the one I should be doing things to
for an "always on" connection I'd have had no trouble.

Thanks for the help.

--
Chris Green
 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
SPEWS SLIMES "WindsorFox", "Kevin-!:?)", "Spin Dryer" get the cold shoulder at broadband ng! SneakyP uk.telecom.broadband (UK broadband) 0 November 29th 05 11:46 PM


All times are GMT +1. The time now is 01:04 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2019 BroadbanterBanter.
The comments are property of their posters.