ZyXEL Communications 5 Series User Manual
Page 809
ZyWALL 5/35/70 Series User’s Guide
Appendix L Firewall Commands
809
config edit firewall attack
minute-high <0-255>
This command sets the threshold rate of new
half-open sessions per minute where the
ZyWALL starts deleting old half-opened
sessions until it gets them down to the minute-
low threshold.
config edit firewall attack
minute-low <0-255>
This command sets the threshold of half-open
sessions where the ZyWALL stops deleting
half-opened sessions.
config edit firewall attack
max-incomplete-high <0-255>
This command sets the threshold of half-open
sessions where the ZyWALL starts deleting
old half-opened sessions until it gets them
down to the max incomplete low.
config edit firewall attack
max-incomplete-low <0-255>
This command sets the threshold where the
ZyWALL stops deleting half-opened sessions.
config edit firewall attack
tcp-max-incomplete <0-255>
This command sets the threshold of half-open
TCP sessions with the same destination
where the ZyWALL starts dropping half-open
sessions to that destination.
Sets
config edit firewall set #> name This command sets a name to identify a Config edit firewall set #> default-permit block> This command sets whether a packet is Config edit firewall set #> icmp-timeout This command sets the time period to allow an Config edit firewall set #> udp-idle-timeout This command sets how long a UDP Config edit firewall set #> connection-timeout This command sets how long ZyWALL waits Config edit firewall set #> fin-wait-timeout This command sets how long the ZyWALL Table 288 Firewall Commands (continued) FUNCTION COMMAND DESCRIPTION
specified set.
dropped or allowed through, when it does not
meet a rule within the set.
ICMP session to wait for the ICMP response.
connection is allowed to remain inactive
before the ZyWALL considers the connection
closed.
for a TCP session to be established before
dropping the session.
leaves a TCP session open after the firewall
detects a FIN-exchange (indicating the end of
the TCP session).