Home
TrafMeter Web Online Help
TrafMeter
What is TrafMeter?
License Agreement
TrafMeter Editions
Registration Info
How To Contact Us
Description
System requirements
Introduction
Installation Package
Installation Guide
Opening the configuration
Selecting NIC
Capturing the traffic
TrafMeter Service Monitor
User authentication
Sending SMS
NAT
Traffic Shaper
Viewing the Traffic Counters
Processing the captured packet
Logging the Application Events
Logging the denied packets
Firewall
Zeroing counters
Users
Filter Manager
Filter Editor
Rule Editor
IP Address Groups
Database Connection String
XML Traffic Reports
Using XSL formatting
The example of XSL formatting
The example of XSL formatting (2)
Traffic Logging into the Database
Database table
Packet Logging
Into the plaintext file
Filename template
Into the database
Database Table
Microsoft SQL Server Syntax
MySQL Server Syntax
Microsoft Access Syntax
Useful SQL scripts
Host Header Logging
Into the plaintext file
Into the database
Database Table
Microsoft SQL Server Syntax
MySQL Server Syntax
Microsoft Access Syntax
Result Codes
Counting VPN packests
Table for storing Filter Names
Registry Settings
FAQ
TrafMeter FAQ
Traffic counting with TrafMeter FAQ
Configuration examples
Example 1
Example 2
Example 3
Example 4
Example 5
Example 6
Example 7
Example 8
Knowledge base
IP protocol number
Type Of Service (ToS) field
MAC address
Promiscuous mode
Ethernet hub
Ethernet switch
Ethernet
NAT router
HOWTO: Creating an OLE DB Connection String for Microsoft SQL Server
HOWTO: Creating an OLE DB Connection String for an Access
HOWTO: Creating an OLE DB Connection String for MySQL
Manual editing of the XML files
Zeroing counters using TrafReset
How to enable
Reloading the Filterset

Using TrafMeter as firewall

Although TrafMeter, promoted as traffic monitoring software, is typically used in conjunction with a separate firewall, it has the capability to deny network packets because it is built on a firewall engine.
 
Let's consider a typical case for creating a firewall solution using TrafMeter. For example, we have an office network whose gateway runs Windows Server 2003, with Routing enabled and Remote Access Service (RRAS) playing the NAT-router role. What packets should be denied to defend the gateway against hackers? A solution would be to restrict access to all network services on the gateway from any untrusted networks. This goal can be reached when you enable firewall on the public interface.

Stateful Inspection technique

TrafMeter firewall is not simple packet-filtering engine. The firewall has "Stateful Inspection" feature which significally increases overall security. If you access some outside service, the server remembers things about your original request like port number, and source and destination address. This "remembering" is called saving the state. When the outside system responds to your request, the firewall server compares the received packets with the saved state to determine if they are allowed in.

 

 Note

  • Capture Mode must be Active, otherwise the firewall will not discard packets.
  • The firewall works only with single network adapter that must be marked as "public".
  • By default, the firewall enables all outgoing traffic (only for TCP, UDP and ICMP protocols) and blocks any incoming communication.
  • If you wish allow an access to network services running on your computer or inside your network, you should setup the firewall exceptions.
  • The firewall works only in packet-filtering mode, the application level is not supported.
  • Use passive FTP connections in your FTP client.
  • Denied packets are logged to %programfiles%\TrafMeter\Logs.

 
This HTML Help has been published using the chm2web software.