Packet filtering and QoS rules: Need some learning

[TanyaC]

Are there any packet filtering and QoS experts here willing to provide some help with my feeble understanding of such technologies?

 

[F5ing]

No luck with this? I'd like to see some action for this thread!

 

[TanyaC]

Hmm.. I had forgot that I posted this. Perhaps I'll just ask my question and see what happens

Ok, I've recently purchased a Billion 7402NX modem/router.

It has 4 levels of firewall security: Off, low, medium, high. The difference is in the number of predfined packet filtering rules.

On my old D-Link, firewall features are very limited; Basic DOS, SPI etc. and some fundamental access control rules. Supported by independent schedules.

I want to allow pretty much any outgoing traffic. My kids are all into online gaming (incl. MMORPGs and things like CSS, Diablo III and so on). We do http and torrent downloads, use several download managers and peer to peer software, email, and browsing.

All decent firewalls use an implicit deny, meaning what is not explicitly allowed is denied. It is considered bad practice to use an implicit allow.

I don't want to have to [re]configure the router every time a new port is used. I want to be able to allow the kids to do their stuff, whilst still keeping out unwanted inbound traffic.

What packet filter configurations would I use for that?

Additionally, I want to block all inbound and outbound traffic for a specific set of IP addresses (fortunately they are consecutive) based on a time schedule, which changes based on whether it is a school term, or school break.

I'm not good at subnetting, but if the addresses, were for example 192.168.1.3 to 192.168.1.13, how would I configure such rules on the 7402?

I've set up a static ARP table, so unless they spoof their MAC address, I can pretty much rely on the IP address range.

Any help is greatly appreciated.

Tanya