Fortinet FortiGate FortiGate-ASM-FB4 Technical Note page 14

Version 1.0

Specialized CLI settings
FortiGate-ASM-FB4 Version 1.0 Technical Note
01-30005-0424-20071002

config system interface

Variables:
    mediatype {serdes | sgmii}
Description:
    Select the media type of the transceiver.
Default:
    serdes

Variables:
    fp-anomaly
    {drop_icmpland | pass_icmpland}
    {drop_ipland | pass_ipland}
    {drop_iplsrr | pass_iplsrr}
    {drop_iprr | pass_iprr}
    {drop_ipsecurity | pass_ipsecurity}
    {drop_ipssrr | pass_ipssrr}
    {drop_ipstream | pass_ipstream}
    {drop_iptimestamp | pass_iptimestamp}
    {drop_ipunknown_option | pass_ipunknown_option}
    {drop_unknown_prot | pass_ipunknown_prot}
    {drop_tcpland | pass_tcpland}
    {drop_udpland | pass_udpland}
    {drop_winnuke | pass_winnuke}
Description:
    By configuring this option, enable hardware anomaly checking, and list
    whether to drop or allow (pass) specific anomaly types.

    drop_icmpland: Drop ICMP land.
    pass_icmpland: Allow ICMP land to pass.
    drop_ipland: Drop IP land.
    pass_ipland: Allow IP land to pass.
    drop_iplsrr: Drop IP with loose source record route option.
    pass_iplsrr: Allow IP with loose source record route option to pass.
    drop_iprr: Drop IP with record route option.
    pass_iprr: Allow IP with record route option to pass.
    drop_ipsecurity: Drop IP with security option.
    pass_ipsecurity: Allow IP with security option to pass.
    drop_ipssrr: Drop IP with strict source record route option.
    pass_ipssrr: Allow IP with strict source record route option to pass.
    drop_ipstream: Drop IP with stream option.
    pass_ipstream: Allow IP with stream option to pass.
    drop_iptimestamp: Drop IP with timestamp option.
    pass_iptimestamp: Allow IP with timestamp option to pass.
    drop_ipunknown_option: Drop IP with unknown option.
    pass_ipunknown_option: Allow IP with unknown option to pass.
    drop_ipunknown_prot: Drop IP with unknown protocol.
    pass_ipunknown_prot: Allow IP with unknown protocol to pass.
    drop_tcpland: Drop TCP land.
    pass_tcpland: Allow TCP land to pass.
    drop_winnuke: Drop TCP WinNuke.
    pass_winnuke: Allow TCP WinNuke to pass.
    drop_udpland: Drop UDP land.
    pass_udpland: Allow UDP land to pass.

    Separate each anomaly's option with a space. To add or remove an option
    from the list, completely retype the new list.

    When no options are specified, anomaly checking performed by the
    FortiGate-ASM-FB4 module is disabled. If pass options are specified,
    packets may still be rejected by other anomaly checks, including
    policy-required IPS performed using the FortiGate unit's main processing
    resources.

    Log messages are generated when packets are dropped due to options in
    this setting.
Default:
    No options specified (disabled)
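
Because the fp-anomaly list has to be retyped in full on every change, it is easy to lose a drop option or leave an interface with no list at all. The following added example (not part of the Technical Note and not Fortinet code) audits a saved "config system interface" excerpt and sorts each anomaly into drop, pass, unlisted or conflict. It assumes the usual edit/next/end block layout and a flat, non-nested excerpt; the interface names and the sample config are constructed.

```python
import re

# Anomaly names from the drop_*/pass_* descriptions in the table above.
ANOMALIES = ["icmpland", "ipland", "iplsrr", "iprr", "ipsecurity", "ipssrr",
             "ipstream", "iptimestamp", "ipunknown_option", "ipunknown_prot",
             "tcpland", "udpland", "winnuke"]
# The syntax column prints this spelling once; assumed to be the same keyword.
ALIASES = {"drop_unknown_prot": "drop_ipunknown_prot"}

def classify(tokens):
    """Sort one fp-anomaly option list into drop/pass/unlisted/conflict/unknown."""
    tokens = [ALIASES.get(t, t) for t in tokens]
    result = {"drop": [], "pass": [], "unlisted": [], "conflict": []}
    for name in ANOMALIES:
        has_drop, has_pass = f"drop_{name}" in tokens, f"pass_{name}" in tokens
        key = ("conflict" if has_drop and has_pass else "drop" if has_drop
               else "pass" if has_pass else "unlisted")
        result[key].append(name)
    valid = {f"{action}_{name}" for action in ("drop", "pass") for name in ANOMALIES}
    result["unknown"] = [t for t in tokens if t not in valid]
    result["disabled"] = not tokens  # empty list: module anomaly checking is off
    return result

def audit_fp_anomaly(config_text):
    """Return {interface: classification} for a 'config system interface' excerpt."""
    report, iface = {}, None
    for raw in config_text.splitlines():
        line = raw.strip()
        m = re.match(r'edit\s+"?([^"\s]+)"?$', line)
        if m:
            iface = m.group(1)
            report[iface] = classify([])  # no fp-anomaly line seen yet
        elif iface and line.startswith("set fp-anomaly "):
            report[iface] = classify(line.split()[2:])
        elif line == "next":
            iface = None
    return report

# Constructed sample; interface names are placeholders, not from the page.
SAMPLE = """config system interface
    edit "EXAMPLE-IF1"
        set fp-anomaly drop_icmpland drop_ipland pass_iprr drop_tcpland pass_tcpland drop_ipfoo
    next
    edit "EXAMPLE-IF2"
    next
end
"""
if __name__ == "__main__":
    print(audit_fp_anomaly(SAMPLE))
```

The "unlisted" bucket only records that neither keyword for an anomaly is present; the Technical Note does not state how the module treats an anomaly omitted from a non-empty list.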