Configuring the AT&T U-verse Motorola NVG589 Gateway's Firewall

Elsewhere on this site I recommended you turn off the firewall feature of your NVG589 gateway and allow your own router to handle these duties. While this is certainly a viable option, after a little experimentation I've discovered that some of the firewall features are quite useful and don't interfere at all with the operation of my router and wireless access points.

Packet Filtering

I operate a couple of small websites, for which I recently configured the AWStats package (which I highly recommend). The first thing I noticed when studying the site statistics was an incredible number of hits from IP addresses in China and Japan. A little Googling revealed that these folks are -- at best -- wasting my bandwidth. One of them (Baidu) appears on a blacklist that I trust (xbl.spamhaus.org), so I decided to block them entirely from my network.

Using various 'whois' tools, I determined the IP networks of the two offenders:

Country   Network             IP range
China     ptr.cnsat.com.cn    202.46.32.0-202.46.63.255
Japan     Baidu Japan Inc.    119.63.192.0-119.63.199.255

As you can see in the image below, I've deleted all of the default packet filter rules shipped by AT&T and added two simple 'drop' rules to reject inbound IPv4 packets from the two IP networks:


[Image: NVG589 Packet Filter]
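As an added example (not part of the original page, and not AT&T or Motorola code), this Python script collapses the two whois ranges listed above into CIDR blocks with their netmasks, then counts web-server log hits from those blocks so you can confirm the drop rules are taking effect. It assumes the client IP is the first field of each log line (Common/Combined Log Format); the sample log lines are constructed.

```python
import ipaddress

# Inclusive ranges exactly as listed in the table above (from whois).
BLOCKED_RANGES = [
    ("202.46.32.0", "202.46.63.255"),
    ("119.63.192.0", "119.63.199.255"),
]

def blocked_networks():
    """Collapse each first-last range into the fewest CIDR blocks."""
    nets = []
    for first, last in BLOCKED_RANGES:
        nets.extend(ipaddress.summarize_address_range(
            ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)))
    return nets

def client_ip(log_line):
    """Return the client address from a log line, or None if unparsable."""
    field = log_line.split(" ", 1)[0]
    try:
        return ipaddress.ip_address(field)
    except ValueError:
        return None  # hostname, blank or malformed line

def hits_from_blocked(log_lines):
    """Count log lines per blocked network (empty once the rules work)."""
    nets = blocked_networks()
    counts = {}
    for line in log_lines:
        ip = client_ip(line)
        if ip is None or ip.version != 4:
            continue
        for net in nets:
            if ip in net:
                counts[str(net)] = counts.get(str(net), 0) + 1
    return counts

# Constructed sample lines, not taken from a real server log.
SAMPLE_LOG = [
    '202.46.48.17 - - [01/Jan/2015:00:00:01 +0000] "GET / HTTP/1.1" 200 512',
    '119.63.196.5 - - [01/Jan/2015:00:00:02 +0000] "GET /a HTTP/1.1" 200 64',
    '119.63.200.1 - - [01/Jan/2015:00:00:03 +0000] "GET / HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2015:00:00:04 +0000] "GET / HTTP/1.1" 200 512',
    'malformed line without an address',
]

if __name__ == "__main__":
    for net in blocked_networks():
        print(net, "netmask", net.netmask)
    print(hits_from_blocked(SAMPLE_LOG))
```

Run it against the access log from before and after adding the rules; hits from either block that continue after the change mean the filter is not matching as intended.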

Firewall Advanced

The only other firewall settings I've experimented with are on the 'Firewall Advanced' form. You can see that I've enabled all but one of them ('Reflexive ACL') and tweaked the 'Flood rate limit' and 'Flood burst limit' to values somewhat higher than the defaults.


[Image: NVG589 Firewall Advanced]

That's it! These settings are working very well for me and I hope they do for you, too!
