ZyXEL p-660hwp Guia Do Utilizador

 Chapter 11 Firewall Configuration

P-660HWP-Dx User’s Guide

Maximum 

Incomplete High

This is the number of existing half-open 

sessions that causes the firewall to start 

deleting half-open sessions. When the 

number of existing half-open sessions rises 

above this number, the P-660HWP-Dx 

deletes half-open sessions as required to 

accommodate new connection requests. Do 

not set Maximum Incomplete High to lower 

than the current Maximum Incomplete Low 

number.

100 existing half-open sessions. 

The above values causes the P-

660HWP-Dx to start deleting half-

open sessions when the number 

of existing half-open sessions 

rises above 100, and to stop 

deleting half-open sessions with 

the number of existing half-open 

sessions drops below 80.

TCP Maximum 

Incomplete 

This is the number of existing half-open TCP 

sessions with the same destination host IP 

address that causes the firewall to start 

dropping half-open sessions to that same 

destination host IP address. Enter a number 

between 1 and 256. As a general rule, you 

should choose a smaller number for a smaller 

network, a slower system or limited 

bandwidth.

10 existing half-open TCP 

sessions.

Action taken when the TCP Maximum Incomplete threshold is reached.

Delete the oldest 

half open session 

when new 

connection 

request comes

Select this radio button to clear the oldest half 

open session when a new connection request 

comes.

Deny new 

connection 

request for

Select this radio button and specify for how 

long the P-660HWP-Dx should block new 

connection requests when TCP Maximum 

Incomplete is reached. 
Enter the length of blocking time in minutes 

(between 1 and 256).

Apply

Click Apply to save your changes to the P-660HWP-Dx.

Cancel

Click Cancel to begin configuring this screen afresh.

Table 66   Firewall: Threshold (continued)