Just got a Belkin Router - help me understand the SPI firewall...

Discussion in 'other firewalls' started by NGRhodes, Aug 15, 2005.

Thread Status:
Not open for further replies.
  1. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    I have had a Linksys router for a while, it died last month, wireless part of it packed in, then it failled to reboot, permanent flashing power light, out of warrenty, so replaced it with a Belkin Wireless router http://catalog.belkin.com/IWCatProd...rking/WirelessNetworking/80211gWi...tworking/

    Now, I understand have the port forwarding works, along with the NAT, on my linksys, I opened 2 ports to allow people to connect to Sharaza on my drone PC.

    I noticed that my belkin router has a firewall, which mentions to have "SPI". How will this interact with incoming requests, with and without port forwarding open, in my case with Shareaza.

    Will port forwarding bypass this firewall ?

    Or will the firewall still try and help protect the opened port ?

    Also, I read somewhere that SPI will allow incoming connections in certain conditons, does this bypass/negate/work-with port forwarding ?

    Ta Nick
     
  2. ghost16825

    ghost16825 Registered Member

    Joined:
    Feb 1, 2005
    Posts:
    84
    You ask a great question. The short answer is that no-one knows what your device will do. Perhaps a longer answer is in the following threads:

    http://www.dslreports.com/forum/remark,8509120
    http://www.dslreports.com/forum/remark,12010843

    And if you weren't clear on the definition of SPI I think Paranoid2000's one is a good one to go by:
    https://www.wilderssecurity.com/showpost.php?p=299171&postcount=27
     
  3. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Thanks for that, had a read, interesting, but still no wiser !

    I've emailed Belkin but I recon they will say, its chocolate fireguard or they cant help.
     
  4. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Got a reply from Belkin some time in the evening/morning.

    They said that its impossible for their firewall in the router to protect forwarded ports.

    Atleast I know now.
     
  5. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Running a server (ie. Shareaza) requires you to create these holes and expose the service to the Internet - port forwards and permitting inbound connections through the firewall.

    Was there something in particular you were wanting to do?

    Reagards,

    CrazyM
     
  6. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Not really, just a better understanding of the firewall, as the documentation is minimal.

    Ta. Nick.
     
  7. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Can't you just set up Shareaza to work without accepting incoming traffic? I think this is one of the options when you install it. It asks you if you're behind a router or firewall, hence you cannot accept incoming connections. If you say yes, then Shareaza will still function fine. I don't see what the problem is...
     
  8. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    What firewalling capabilities does it have? (things beyond basic NAT)

    Unfortunately alot of home use routers will now tout having SPI and/or firewall, but rarely document exactly what they mean by that or define their implementation of it.

    Regards,

    CrazyM
     
  9. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    It has an "SPI Firewall" according the to manual. Does'nt actually tell you anything more than it improves security.

    So far all I have seen it do (according to the logs) is block from dos attacks.
     
  10. Drhomeie

    Drhomeie Guest

    router Trouble

    i have a belkin router to i disabled my firewall and am having problems with a game Warcraft3 i opened port 6112 but i still cant host maps any help would be greatly appriaciated (p.s. my spelling sucks)
     
  11. Tyreman

    Tyreman Registered Member

    Joined:
    Feb 3, 2003
    Posts:
    107
    read up about on sites about stateful packet inspection firewalls.
    for hardwalls basically another programmed,supplied mode of inbound packet brakedown,analyziation and inspection.
    I can't remember if there is any conformance to specific industry stated SPI specifications someone may know :D
     
Loading...
Thread Status:
Not open for further replies.