Manualsbrain.com
  1. Handbücher
  2. Marken
  3. ZyXEL
  4. P-2602HW
  5. Betriebsanweisung

ZyXEL P-2602HW Betriebsanweisung

Download
Seite von 465
Chapter 15 Firewall Configuration
P-2602H(W)(L)-DxA User’s Guide
224
15.9  Firewall Commands
The following describes the firewall commands. See the Command Interpreter appendix for 
information on the command structure. Each of these commands must be preceded by 
sys 
firewall
 when you use them. For example, type 
sys firewall active yes
 to turn on 
the firewall.
Maximum 
Incomplete High
This is the number of existing half-open 
sessions that causes the firewall to start 
deleting half-open sessions. When the 
number of existing half-open sessions rises 
above this number, the ZyXEL Device 
deletes half-open sessions as required to 
accommodate new connection requests. Do 
not set Maximum Incomplete High to lower 
than the current Maximum Incomplete Low 
number.
100 existing half-open sessions. 
The above values causes the 
ZyXEL Device to start deleting 
half-open sessions when the 
number of existing half-open 
sessions rises above 100, and to 
stop deleting half-open sessions 
with the number of existing half-
open sessions drops below 80.
TCP Maximum 
Incomplete 
This is the number of existing half-open TCP 
sessions with the same destination host IP 
address that causes the firewall to start 
dropping half-open sessions to that same 
destination host IP address. Enter a number 
between 1 and 256. As a general rule, you 
should choose a smaller number for a smaller 
network, a slower system or limited 
bandwidth.
30 existing half-open TCP 
sessions.
Action taken when the TCP Maximum Incomplete reached threshold
Delete the Oldest 
Half Open 
Session when 
New Connection 
Request Comes.
Select this radio button to clear the oldest half 
open session when a new connection request 
comes.
Deny New 
Connection 
Request for
Select this radio button and specify for how 
long the ZyXEL Device should block new 
connection requests when TCP Maximum 
Incomplete is reached. 
Enter the length of blocking time in minutes 
(between 1 and 256).
Apply
Click Apply to save your changes back to the ZyXEL Device.
Cancel
Click Cancel to begin configuring this screen afresh.
Table 83   Firewall: Threshold (continued)
LABEL
DESCRIPTION
DEFAULT VALUES
Table 84   Sys Firewall
 Commands
COMMAND
DESCRIPTION
acl
disp
Displays ACLs or a specific ACL set # and rule #.
active
<yes|no>
Active firewall or deactivate firewall
Enables/disables the firewall.
cnt