3com 3031 Installationsanweisungen
826
C
HAPTER
59: F
IREWALL
C
ONFIGURATION
This task is used to configure waiting timeout value in SYN state and FIN state of
TCP, free timeout value of TCP and UDP session entries. The default timeout time
of syn, fin, tcp and udp are 30s, 5s, 3600s and 30s respectively.
TCP, free timeout value of TCP and UDP session entries. The default timeout time
of syn, fin, tcp and udp are 30s, 5s, 3600s and 30s respectively.
Configuring application layer protocol detection
Perform the following configuration in ASPF policy view.
The value of application protocol can be ftp, h323, smtp, rtsp, tcp, udp and http.
When the protocol is http, Java blocking can be configured.
Configuring general TCP and UDP protocol detection
Perform the following configuration in ASPF policy view.
Applying ASPF Policy on
Specified Interface
The interface stream detection will take effect only after applying the pre-defined
ASPF policy on the interface.
ASPF policy on the interface.
Table 895 Configuring application layer protocol detection
Operation
Command
Configure ASPF detection for
application layer protocol
application layer protocol
detect protocol [ aging-time seconds ]
Delete the configured application
protocol detection
protocol detection
undo detect protocol
Table 896 Configuring Java blocking detection
Operation
Command
Configure Java blocking detection
detect http [ java-list acl-number ]
[ aging-time seconds ]
Delete the configured ASPF detection
rule
rule
undo detect http
Table 897 Configuring general TCP and UDP protocol detection
Operation
Command
Configure general TCP detection
detect tcp [ aging-time seconds ]
Configure general UDP detection
detect udp [ aging-time seconds ]
Delete general TCP detection
undo detect tcp
Delete general UDP detection
undo detect udp