beautypg.com

ZyXEL Communications Internet Security Gateway 10~100 Series User Manual

Page 62

background image

ZyWALL 10~100 Series Internet Security Gateway

10-4

Firewall

Commands

Chart 10-1 Firewall Commands

FUNCTION

COMMAND

DESCRIPTION

config edit firewall attack
minute-low <0-255>

This command sets the threshold of half-open
sessions where the ZyWALL stops deleting
half-opened sessions.

config edit firewall attack
max-incomplete-high <0-255>

This command sets the threshold of half-open
sessions where the ZyWALL starts deleting
old half-opened sessions until it gets them
down to the max incomplete low.

config edit firewall attack

max-incomplete-low <0-255>

This command sets the threshold where the
ZyWALL stops deleting half-opened sessions.

config edit firewall attack
tcp-max-incomplete <0-255>

This command sets the threshold of half-open
TCP sessions with the same destination
where the ZyWALL starts dropping half-open
sessions to that destination.

S

S

e

e

t

t

s

s

config edit firewall set #> name

This command sets a name to identify a
specified set.

Config edit firewall set #> default-permit block>

This command sets whether a packet is
dropped or allowed through, when it does not
meet a rule within the set.

Config edit firewall set #> icmp-timeout

This command sets the time period to allow
an ICMP session to wait for the ICMP
response.

Config edit firewall set #> udp-idle-timeout

This command sets how long a UDP
connection is allowed to remain inactive
before the ZyWALL considers the connection
closed.