McAfee SG310 Administration Manual page 164

Firewall menu options
Packet filtering
14. [Optional] To make it easier to identify which rules are being matched when inspecting the system log, enter a prefix in the Log Prefix field.
15. Click Finish. The rule is added to the Packet Filters Rules page. You can now move the rule up or down in the list if there are other rules already defined, or edit it to configure rate limiting. See Rate limiting a packet filter rule.
Editing a packet filter rule
1. From the Firewall menu, click Packet Filtering. The Packet Filters Rules page appears.
2. Click the edit icon for the packet filter rule you want to edit. An edit page for the rule appears.
3. Make your changes and click Update. An action successful message is displayed. Click the Packet Filter Rules tab to return to the main page.
Disabling a packet filter rule
1. From the Firewall menu, click Packet Filtering. The Packet Filters Rules page appears.
2. Click the enable checkbox to clear the enabled check mark. The rule is no longer enabled.
Note: You can also edit the rule and clear the Enable checkbox.
Enabling a packet filter rule
1. From the Firewall menu, click Packet Filtering. The Packet Filters Rules page appears.
2. Click the enable checkbox to select the rule. A check mark indicates the rule is enabled.
Note: You can also edit the rule and select the Enable checkbox.
Deleting a packet filter rule
1. From the Firewall menu, click Packet Filtering. The Packet Filters Rules page appears.
2. Click the delete icon for the packet filter rule you want to delete. You are prompted to confirm the delete.
3. Click OK.
Rate limiting a packet filter rule
Once you create a packet filtering rule, you can specify rate limiting settings by editing the rule. Flood rate limiting for a packet filter rule applies only to the packets associated with that rule. The rate limit must be set for each packet filter rule to which you want to apply flood rate limiting.
Rate limiting is applied before its associated packet filter rule is processed. Therefore, a rule with an allow action limits the number of connections to the service. Rate limiting is useful for preventing a service from becoming unavailable should many connection attempts occur in a short period of time, such as in the case of a denial of service (DoS) attack. Packets that exceed the specified limit can be accepted, rejected, or dropped, and can be logged.
For rules with a drop, reject, or none action, the rate limit works on all packets, unlike a rule with an allow action, where it limits connections.
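The counting behavior described above, as a simplified model added here (it is not from the guide and is not the appliance's implementation). The class and field names, the fixed one-second counting window, and the sample traffic are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class RateLimitedRule:
    action: str            # rule action: "allow", "drop", "reject" or "none"
    limit: int             # assumption: counted packets permitted per one-second window
    over_limit: str        # action for excess packets: "accept", "reject" or "drop"
    log_prefix: str = ""   # Log Prefix field, prepended to each log line
    log: list = field(default_factory=list)
    _window: int = -1
    _count: int = 0

    def _counted(self, pkt):
        # Allow rules count connection attempts only; other actions count every packet.
        return pkt["new_conn"] if self.action == "allow" else True

    def process(self, pkt):
        # The rate limit is checked before the rule's own action is applied.
        if self._counted(pkt):
            window = int(pkt["t"])
            if window != self._window:          # a new second starts a new count
                self._window, self._count = window, 0
            self._count += 1
            if self._count > self.limit:
                self.log.append(f"{self.log_prefix}over-limit t={pkt['t']:.1f}")
                return self.over_limit
        return self.action

def run(rule, packets):
    """Return the verdict for each packet, in order."""
    return [rule.process(p) for p in packets]

# Constructed traffic: five connection attempts and two packets of established
# flows in second 0, then one new connection attempt in second 1.
PACKETS = [
    {"t": 0.0, "new_conn": True}, {"t": 0.1, "new_conn": False},
    {"t": 0.2, "new_conn": True}, {"t": 0.3, "new_conn": True},
    {"t": 0.4, "new_conn": True}, {"t": 0.5, "new_conn": False},
    {"t": 0.6, "new_conn": True}, {"t": 1.0, "new_conn": True},
]

if __name__ == "__main__":
    allow = RateLimitedRule("allow", limit=3, over_limit="drop", log_prefix="WEB-FLOOD: ")
    print(run(allow, PACKETS), allow.log)
    drop = RateLimitedRule("drop", limit=3, over_limit="reject")
    print(run(drop, PACKETS))
```

With the allow rule, packets of established flows pass untouched while the fourth and fifth connection attempts in the same second are dropped and logged under the prefix; with the drop rule, every packet counts toward the limit.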
Tip: Flood rate limiting can be configured for Internet connections as well. The limiting for connections applies to all packets on all Internet connections. For further information, see Connection tracking.
1. From the Firewall menu, click Packet Filtering. The Packet Filtering page appears.
2. Click the edit icon next to the rule for which you want to configure rate limiting. The edit page for the rule opens.
3. Click the Rate Limit tab (Figure 168).
McAfee UTM Firewall 4.0.4 Administration Guide

This manual is also suitable for: Sg560, Sg560u, Sg565, Sg580