Firewall Traffic Rules for the MoFi MOFI3500-3GNRouter Sceenshot

Back to the MoFi MOFI3500-3GN



Screenshots from PortForward.com


MOFI3500-3GN - Traffic Rules - LuCI Skip to navigation Skip to content Navigation MOFI3500-3GN | Barrier Breaker (r36346) | Load: 0.13 0.15 0.11 | Auto Refresh: on off Advanced Basic Changes: 0 MOFI NETWORK MOFI3500-3GN 4G/LTE + Status + System + Services + Network Interfaces Wifi Switch DHCP and DNS Hostnames IPv6 RA and DHCPv6 Static Routes Diagnostics Firewall General settings Port Forwards Traffic Rules Custom Rules QoS + Logout Firewall - Traffic Rules Traffic rules define policies for packets traveling between different zones, for example to reject traffic between certain hosts or to open WAN ports on the router. Traffic Rules Name Match Action Enable Sort   Allow-DHCP-Renew IPv4-UDP From any host in wan To any router IP at port 68 on this device IPv4-UDP From any host in wan To any router IP at port 68 on this device "> Accept input Accept input "> Allow-Ping IPv4-ICMP with type echo-request From any host in wan To any router IP on this device IPv4-ICMP with type echo-request From any host in wan To any router IP on this device "> Accept input Accept input "> Allow-DHCPv6 IPv6-UDP From IP range FE80:0:0:0:0:0:0:0/10 in wan with source port 547 To IP range FE80:0:0:0:0:0:0:0/10 at port 546 on this device IPv6-UDP From IP range FE80:0:0:0:0:0:0:0/10 in wan with source port 547 To IP range FE80:0:0:0:0:0:0:0/10 at port 546 on this device "> Accept input Accept input "> Allow-ICMPv6-Input IPv6-ICMP with types echo-request , echo-reply , destination-unreachable , packet-too-big , time-exceeded , bad-header , unknown-header-type , router-solicitation , neighbour-solicitation , router-advertisement , neighbour-advertisement From any host in wan To any router IP on this device IPv6-ICMP with types echo-request , echo-reply , destination-unreachable , packet-too-big , time-exceeded , bad-header , unknown-header-type , router-solicitation , neighbour-solicitation , router-advertisement , neighbour-advertisement From any host in wan To any router IP on this device "> Accept input and limit to 1000 pkts. per second Accept input and limit to 1000 pkts. per second "> Allow-ICMPv6-Forward IPv6-ICMP with types echo-request , echo-reply , destination-unreachable , packet-too-big , time-exceeded , bad-header , unknown-header-type From any host in wan To any host in any zone IPv6-ICMP with types echo-request , echo-reply , destination-unreachable , packet-too-big , time-exceeded , bad-header , unknown-header-type From any host in wan To any host in any zone "> Accept forward and limit to 1000 pkts. per second Accept forward and limit to 1000 pkts. per second "> - Any TCP From any host in lan To any router IP at port 9100 on this device Any TCP From any host in lan To any router IP at port 9100 on this device "> Accept input Accept input "> WEB Any TCP From any host in wan To any router IP at port 80 on this device Any TCP From any host in wan To any router IP at port 80 on this device "> Accept input Accept input "> SSH Any TCP From any host in wan To any router IP at port 22 on this device Any TCP From any host in wan To any router IP at port 22 on this device "> Accept input Accept input "> HTTPS Any TCP From any host in wan To any router IP at port 443 on this device Any TCP From any host in wan To any router IP at port 443 on this device "> Accept input Accept input "> DNS Any TCP, UDP From any host in lan To any router IP at port 53 on this device Any TCP, UDP From any host in lan To any router IP at port 53 on this device "> Accept input Accept input "> DHCP Any UDP From any host in lan with source ports 67-68 To any router IP at ports 67-68 on this device Any UDP From any host in lan with source ports 67-68 To any router IP at ports 67-68 on this device "> Accept input Accept input "> VPN Any UDP From any host in wan To any router IP at port 1194 on this device Any UDP From any host in wan To any router IP at port 1194 on this device "> Accept input Accept input "> Enforce-ULA-Border-Src IPv6-traffic From IP range FC00:0:0:0:0:0:0:0/7 in any zone To any host in wan IPv6-traffic From IP range FC00:0:0:0:0:0:0:0/7 in any zone To any host in wan "> Refuse forward Refuse forward "> Enforce-ULA-Border-Dest IPv6-traffic From any host in any zone To IP range FC00:0:0:0:0:0:0:0/7 in wan IPv6-traffic From any host in any zone To IP range FC00:0:0:0:0:0:0:0/7 in wan "> Refuse forward Refuse forward "> Open ports on router: Name Protocol External port TCP+UDP TCP UDP Other... New forward rule: Name Source zone Destination zone lan vpn wan lan vpn wan Source NAT Source NAT is a specific form of masquerading which allows fine grained control over the source IP used for outgoing traffic, for example to map multiple WAN addresses to internal subnets. Name Match Action Enable Sort   This section contains no values yet New source NAT: Name Source zone Destination zone To source IP To source port lan vpn wan lan vpn wan -- Please choose -- 192.168.0.1 (br-lan) 192.168.0.254 (br-lan) -- custom -- Powered by LuCI (vsvn-r9812)
Home > Screenshots > MoFi > MOFI3500-3GN > Firewall Traffic Rules