Firewall Commands - ZyXEL Communications 10 User Manual

ZyWALL 10~100 Series Internet Security Gateway
FUNCTION
A t t a c k config edit firewall attack send-
A t t a c k
alert <yes | no>
config edit firewall attack block
<yes | no>
config edit firewall attack block-
minute <0-255>
config edit firewall attack minute-
high <0-255>
config edit firewall attack minute-
low <0-255>
config edit firewall attack max-
incomplete-high <0-255>
config edit firewall attack max-
incomplete-low <0-255>
config edit firewall attack tcp-
max-incomplete <0-255>
58
Chart N-1 Firewall Commands
COMMAND DESCRIPTION
This command enables or disables the immediate
sending of DOS attack notification e-mail messages.
yes
Set this command to
the tcp-max-incomplete threshold is exceeded. Set
no
it to to delete the oldest half-open session when
traffic exceeds the tcp-max-incomplete threshold.
This command sets the number of minutes for new
sessions to be blocked when the tcp-max-
incomplete threshold is reached. This command is
block
only valid when
This command sets the threshold rate of new half-
open sessions per minute where the ZyWALL starts
deleting old half-opened sessions until it gets them
down to the minute-low threshold.
This command sets the threshold of half-open
sessions where the ZyWALL stops deleting half-
opened sessions.
This command sets the threshold of half-open
sessions where the ZyWALL starts deleting old half-
opened sessions until it gets them down to the max
incomplete low.
This command sets the threshold where the
ZyWALL stops deleting half-opened sessions.
This command sets the threshold of half-open TCP
sessions with the same destination where the
ZyWALL starts dropping half-open sessions to that
destination.
to block new traffic after
yes
is set to .

Firewall Commands