Firewall config, Configure the firewall options, Firewall commands – Technicolor - Thomson ST585 V6 User Manual

E-DOC-CTC-20061027-0004 v1.0

Firewall Commands

336

firewall config

Configure the firewall options.

SYNTAX:

where:

firewall config

[state = <{disabled | enabled}>]
[keep = <{disabled | enabled}>]
[tcpchecks = <{none | fast | exact}>]
[udpchecks = <{disabled|enabled}>]
[icmpchecks = <{disabled | enabled}>]
[logdefault = <{disabled | enabled}>]
[logthreshold = <{disabled | enabled}>]
[tcpwindow = ]

state

Enable or disable the firewall.
The default is

enabled

.

OPTIONAL

keep

The firewall keeps active connections (enabled) or not
(disabled) when the firewall rules change.
The default is

disabled

.

OPTIONAL

tcpchecks

Select the level of TCP sequence number checks. Choose
between:

>

none

: no TCP checks are done.

>

fast

: check all the combinations of flag and disallow all the

possible illegal combinations shown below:

„

SYN PSH (SYN PSH URG,...)

„

SYN FIN (SYN FIN PSH, SYN FIN RST PSH,...)

„

FIN flag set without ACK

„

All flags set

„

No flags set.

>

exact

: check and permit only combinations of flag with the

TCP state of a connection:

„

SYN: request to open connection

„

SYN ACK: agree to open connection

„

A, PA, AU, PAU: acknowledgement of receipt

„

FA, FAP, FAU, FAP, FAPU, FAU, FPAU: request to close
connection

„

R, RA, RP, RU, RPA, RPU, RAU, RPAU: tear down
connection.

The default is

none

.

OPTIONAL

udpchecks

Disable or enable keeping UDP checks.
The default is

enabled

.

OPTIONAL

icmpchecks

Disable or enable keeping ICMP checks.
The default is

enabled

.

OPTIONAL