ZyXEL Communications ZyWALL USG 200 Series User Manual page 640
Unified security gateway
Hide thumbs
Also See for ZyWALL USG 200 Series:
- User manual (902 pages) ,
- Manual (1157 pages) ,
- Reference manual (394 pages)
Table of Contents
Advertisement
Chapter 35 ADP
Table 174 Configuration > ADP > Profile > Protocol Anomaly (continued)
LABEL
Action
#
Status
Name
Activation
Log
Action
Log
Action
640
DESCRIPTION
To edit what action the ZyWALL takes when a packet matches a signature,
select the signature and use the Action icon.
original setting: Select this action to return each signature in a service
group to its previously saved configuration.
none: Select this action on an individual signature or a complete service
group to have the ZyWALL take no action when a packet matches a rule.
drop: Select this action on an individual signature or a complete service
group to have the ZyWALL silently drop a packet that matches a rule.
Neither sender nor receiver are notified.
reject-sender: Select this action on an individual signature or a
complete service group to have the ZyWALL send a reset to the sender
when a packet matches the signature. If it is a TCP attack packet, the
ZyWALL will send a packet with a 'RST' flag. If it is an ICMP or UDP attack
packet, the ZyWALL will send an ICMP unreachable packet.
reject-receiver: Select this action on an individual signature or a
complete service group to have the ZyWALL send a reset to the receiver
when a packet matches the rule. If it is a TCP attack packet, the ZyWALL
will send a packet with an a 'RST' flag. If it is an ICMP or UDP attack
packet, the ZyWALL will do nothing.
reject-both: Select this action on an individual signature or a complete
service group to have the ZyWALL send a reset to both the sender and
receiver when a packet matches the rule. If it is a TCP attack packet, the
ZyWALL will send a packet with a 'RST' flag to the receiver and sender. If
it is an ICMP or UDP attack packet, the ZyWALL will send an ICMP
unreachable packet.
This is the entry's index number in the list.
The activate (light bulb) icon is lit when the entry is active and dimmed
when the entry is inactive.
This is the name of the protocol anomaly rule. Click the Name column
heading to sort in ascending or descending order according to the
protocol anomaly rule name.
Click the icon to enable or disable a rule or group of rules.
These are the log options. To edit this, select an item and use the Log
icon.
This is the action the ZyWALL should take when a packet matches a rule.
To edit this, select an item and use the Action icon.
Select whether to have the ZyWALL generate a log (log), log and alert
(log alert) or neither (no) when traffic matches this anomaly rule. See
Chapter 51 on page 865
Select what the ZyWALL should do when a packet matches a rule.
none: The ZyWALL takes no action when a packet matches the
signature(s).
block: The ZyWALL silently drops packets that matches the rule. Neither
sender nor receiver are notified.
for more on logs.
ZyWALL USG 100/200 Series User's Guide
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
