McAfee SG310 Administration Manual page 165

Firewall menu options
Packet filtering
Figure 168 Rate Limit tab
Select the Enable Rate Limiting checkbox.
4
Enter the average number of connections matched before rate limiting applies in the Rate (connections
5
per second) field.
• Default: 10
• Accepted values: Integer equal to or greater than 1
Note: If Access Control is enabled, then packets that traverse Access Control are rate limited separately from
other packets, which means matching at potentially twice the specified rate.
Enter the maximum instantaneous number of connections before rate limiting applies in the Burst field.
6
Burst is useful for services that require multiple connections within a short time.
• Default: 10
• Accepted values: Integer equal to or greater than 1
Select an action to take when a packet matches the packet filter rule, but exceeds the rate limit from the
7
Action if Limited list. Available options are:
• None – [Default] Perform no action for rate limited packets, and continue matching on subsequent
rules. This is useful if you want rate limited packets to fall through to a more general rule.
• Accept – Allow the rate limited packet.
• Reject – Disallow the rate limited packet, but also send an "ICMP protocol unreachable" message to
the source IP address.
• Drop – Silently disallow the rate limited packet.
[Optional] To log rate-limited connections, select the Log if Limited checkbox. The first packet of
8
any-rate limited connection generates a log message.
[Optional] To ease identification of matched rules within the system log, enter an identifying string in the
9
Log Prefix field. The prefix text is placed at the start of the log message.
Click Update.
10
McAfee UTM Firewall 4.0.4 Administration Guide 165