Just got a Belkin Router - help me understand the SPI firewall...

I have had a Linksys router for a while, it died last month, wireless part of it packed in, then it failled to reboot, permanent flashing power light, out of warrenty, so replaced it with a Belkin Wireless router http://catalog.belkin.com/IWCatProd...rking/WirelessNetworking/80211gWi...tworking/

Now, I understand have the port forwarding works, along with the NAT, on my linksys, I opened 2 ports to allow people to connect to Sharaza on my drone PC.

I noticed that my belkin router has a firewall, which mentions to have "SPI". How will this interact with incoming requests, with and without port forwarding open, in my case with Shareaza.

Will port forwarding bypass this firewall ?

Or will the firewall still try and help protect the opened port ?

Also, I read somewhere that SPI will allow incoming connections in certain conditons, does this bypass/negate/work-with port forwarding ?

Ta Nick

 

You ask a great question. The short answer is that no-one knows what your device will do. Perhaps a longer answer is in the following threads:

http://www.dslreports.com/forum/remark,8509120
http://www.dslreports.com/forum/remark,12010843

And if you weren't clear on the definition of SPI I think Paranoid2000's one is a good one to go by:
https://www.wilderssecurity.com/showpost.php?p=299171&postcount=27

 

Thanks for that, had a read, interesting, but still no wiser !

I've emailed Belkin but I recon they will say, its chocolate fireguard or they cant help.

 

Got a reply from Belkin some time in the evening/morning.

They said that its impossible for their firewall in the router to protect forwarded ports.

Atleast I know now.

 

Running a server (ie. Shareaza) requires you to create these holes and expose the service to the Internet - port forwards and permitting inbound connections through the firewall.

Was there something in particular you were wanting to do?

Reagards,

CrazyM

 

Not really, just a better understanding of the firewall, as the documentation is minimal.

Ta. Nick.

 

Can't you just set up Shareaza to work without accepting incoming traffic? I think this is one of the options when you install it. It asks you if you're behind a router or firewall, hence you cannot accept incoming connections. If you say yes, then Shareaza will still function fine. I don't see what the problem is...

 

What firewalling capabilities does it have? (things beyond basic NAT)

Unfortunately alot of home use routers will now tout having SPI and/or firewall, but rarely document exactly what they mean by that or define their implementation of it.

Regards,

CrazyM

 

It has an "SPI Firewall" according the to manual. Does'nt actually tell you anything more than it improves security.

So far all I have seen it do (according to the logs) is block from dos attacks.

 

router Trouble

i have a belkin router to i disabled my firewall and am having problems with a game Warcraft3 i opened port 6112 but i still cant host maps any help would be greatly appriaciated (p.s. my spelling sucks)

 

read up about on sites about stateful packet inspection firewalls.
for hardwalls basically another programmed,supplied mode of inbound packet brakedown,analyziation and inspection.
I can't remember if there is any conformance to specific industry stated SPI specifications someone may know