Table 173 Firewall Commands (continued)
FUNCTION
Sets
Appendix E Firewall Commands
COMMAND
config edit firewall attack
minute-low <0-255>
config edit firewall attack
max-incomplete-high <0-255>
config edit firewall attack
max-incomplete-low <0-255>
config edit firewall attack
tcp-max-incomplete <0-255>
config edit firewall set <set
#> name <desired name>
Config edit firewall set <set
#> default-permit <forward |
block>
Config edit firewall set <set
#> icmp-timeout <seconds>
Config edit firewall set <set
#> udp-idle-timeout <seconds>
Config edit firewall set <set
#> connection-timeout
<seconds>
Config edit firewall set <set
#> fin-wait-timeout <seconds>
Config edit firewall set <set
#> tcp-idle-timeout <seconds>
P-870HW-I1 User's Guide
DESCRIPTION
This command sets the threshold of half-open
sessions where the ZyXEL Device stops
deleting half-opened sessions.
This command sets the threshold of half-open
sessions where the ZyXEL Device starts
deleting old half-opened sessions until it gets
them down to the max incomplete low.
This command sets the threshold where the
ZyXEL Device stops deleting half-opened
sessions.
This command sets the threshold of half-open
TCP sessions with the same destination
where the ZyXEL Device starts dropping half-
open sessions to that destination.
This command sets a name to identify a
specified set.
This command sets whether a packet is
dropped or allowed through, when it does not
meet a rule within the set.
This command sets the time period to allow an
ICMP session to wait for the ICMP response.
This command sets how long a UDP
connection is allowed to remain inactive
before the ZyXEL Device considers the
connection closed.
This command sets how long ZyXEL Device
waits for a TCP session to be established
before dropping the session.
This command sets how long the ZyXEL
Device leaves a TCP session open after the
firewall detects a FIN-exchange (indicating the
end of the TCP session).
This command sets how long ZyXEL Device
lets an inactive TCP connection remain open
before considering it closed.
393