ZyXEL Communications ZyXEL ZyWALL 5 User Manual
Page 624
ZyWALL 5 User’s Guide
Appendix L Firewall Commands
623
config edit firewall attack
minute-high <0-255>
This command sets the threshold rate of new
half-open sessions per minute where the
ZyWALL starts deleting old half-opened
sessions until it gets them down to the minute-
low threshold.
config edit firewall attack
minute-low <0-255>
This command sets the threshold of half-open
sessions where the ZyWALL stops deleting
half-opened sessions.
config edit firewall attack
max-incomplete-high <0-255>
This command sets the threshold of half-open
sessions where the ZyWALL starts deleting
old half-opened sessions until it gets them
down to the max incomplete low.
config edit firewall attack
max-incomplete-low <0-255>
This command sets the threshold where the
ZyWALL stops deleting half-opened sessions.
config edit firewall attack
tcp-max-incomplete <0-255>
This command sets the threshold of half-open
TCP sessions with the same destination
where the ZyWALL starts dropping half-open
sessions to that destination.
Sets
config edit firewall set
This command sets a name to identify a
specified set.
Config edit firewall set
This command sets whether a packet is
dropped or allowed through, when it does not
meet a rule within the set.
Config edit firewall set
This command sets the time period to allow an
ICMP session to wait for the ICMP response.
Config edit firewall set
This command sets how long a UDP
connection is allowed to remain inactive
before the ZyWALL considers the connection
closed.
Config edit firewall set
This command sets how long ZyWALL waits
for a TCP session to be established before
dropping the session.
Config edit firewall set
This command sets how long the ZyWALL
leaves a TCP session open after the firewall
detects a FIN-exchange (indicating the end of
the TCP session).
Table 30 Firewall Commands (continued)
FUNCTION
COMMAND
DESCRIPTION