Just got a Belkin Router - help me understand the SPI firewall...

Discussion in 'other firewalls' started by NGRhodes, Aug 15, 2005.

Thread Status:
Not open for further replies.
  1. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,359
    Location:
    .
    I have had a Linksys router for a while, it died last month, wireless part of it packed in, then it failled to reboot, permanent flashing power light, out of warrenty, so replaced it with a Belkin Wireless router http://catalog.belkin.com/IWCatProd...rking/WirelessNetworking/80211gWi...tworking/

    Now, I understand have the port forwarding works, along with the NAT, on my linksys, I opened 2 ports to allow people to connect to Sharaza on my drone PC.

    I noticed that my belkin router has a firewall, which mentions to have "SPI". How will this interact with incoming requests, with and without port forwarding open, in my case with Shareaza.

    Will port forwarding bypass this firewall ?

    Or will the firewall still try and help protect the opened port ?

    Also, I read somewhere that SPI will allow incoming connections in certain conditons, does this bypass/negate/work-with port forwarding ?

    Ta Nick
     
  2. ghost16825

    ghost16825 Registered Member

    Joined:
    Feb 1, 2005
    Posts:
    84
    You ask a great question. The short answer is that no-one knows what your device will do. Perhaps a longer answer is in the following threads:

    http://www.dslreports.com/forum/remark,8509120
    http://www.dslreports.com/forum/remark,12010843

    And if you weren't clear on the definition of SPI I think Paranoid2000's one is a good one to go by:
    https://www.wilderssecurity.com/showpost.php?p=299171&postcount=27
     
  3. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,359
    Location:
    .
    Thanks for that, had a read, interesting, but still no wiser !

    I've emailed Belkin but I recon they will say, its chocolate fireguard or they cant help.
     
  4. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,359
    Location:
    .
    Got a reply from Belkin some time in the evening/morning.

    They said that its impossible for their firewall in the router to protect forwarded ports.

    Atleast I know now.
     
  5. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Running a server (ie. Shareaza) requires you to create these holes and expose the service to the Internet - port forwards and permitting inbound connections through the firewall.

    Was there something in particular you were wanting to do?

    Reagards,

    CrazyM
     
  6. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,359
    Location:
    .
    Not really, just a better understanding of the firewall, as the documentation is minimal.

    Ta. Nick.
     
  7. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,889
    Can't you just set up Shareaza to work without accepting incoming traffic? I think this is one of the options when you install it. It asks you if you're behind a router or firewall, hence you cannot accept incoming connections. If you say yes, then Shareaza will still function fine. I don't see what the problem is...
     
  8. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    What firewalling capabilities does it have? (things beyond basic NAT)

    Unfortunately alot of home use routers will now tout having SPI and/or firewall, but rarely document exactly what they mean by that or define their implementation of it.

    Regards,

    CrazyM
     
  9. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,359
    Location:
    .
    It has an "SPI Firewall" according the to manual. Does'nt actually tell you anything more than it improves security.

    So far all I have seen it do (according to the logs) is block from dos attacks.
     
  10. Drhomeie

    Drhomeie Guest

    router Trouble

    i have a belkin router to i disabled my firewall and am having problems with a game Warcraft3 i opened port 6112 but i still cant host maps any help would be greatly appriaciated (p.s. my spelling sucks)
     
  11. Tyreman

    Tyreman Registered Member

    Joined:
    Feb 3, 2003
    Posts:
    109
    read up about on sites about stateful packet inspection firewalls.
    for hardwalls basically another programmed,supplied mode of inbound packet brakedown,analyziation and inspection.
    I can't remember if there is any conformance to specific industry stated SPI specifications someone may know :D
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.