Nortel 4134 用户指南
98
Firewall and NAT configuration
3
To configure reset of invalid ACK packets, enter:
[no] reset-invalid-acks
—End—
Table 30
Variable definitions
Variable definitions
Variable
Value
[no]
Disables reset-invalid-acks.
Configuring stealth mode
Enable stealth mode on the firewall to stop the sending of TCP reset packets
when there is no corresponding matching policy for an incoming packet. You
can configure this option either globally or for a specific firewall zone.
when there is no corresponding matching policy for an incoming packet. You
can configure this option either globally or for a specific firewall zone.
By default, this feature is disabled.
Procedure steps
Step
Action
1
To enter configuration mode, enter:
configure terminal
2
To specify the map name to configure, or global firewall configuration,
enter:
enter:
firewall {global | <map-name>}
3
To configure reset of invalid ACK packets, enter:
[no] stealth-mode [<map-name>]
—End—
Table 31
Variable definitions
Variable definitions
Variable
Value
[<map-name>]
Specifies the map name.
[no]
Disables stealth mode.
Configuring firewall policies
Configure firewall policies for a specific map. The maximum number of
policies for each map is 1024.
policies for each map is 1024.
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.