Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

53-1003099-01
4. The firewall policy allows traffic filtering at the application layer using the Application Layer Gateway feature. The Application Layer Gateway provides filters for the following common protocols:

   FTP ALG
      Check this check box to allow FTP traffic through the firewall using its default ports. This feature is enabled by default.

   TFTP ALG
      Check this check box to allow TFTP traffic through the firewall using its default ports. This feature is enabled by default.

   SIP ALG
      Check this check box to allow SIP traffic through the firewall using its default ports. This feature is enabled by default.

   SCCP ALG
      Check this check box to allow SCCP traffic through the firewall using its default ports. This feature is enabled by default.

   Facetime ALG
      Check this check box to allow FaceTime traffic through the firewall using its default ports. This feature is enabled by default.

   DNS ALG
      Check the Enable box to allow DNS traffic through the firewall using its default ports. This feature is enabled by default.

5. Refer to the Firewall Enhanced Logging field to set the following parameters:

   Log Dropped ICMP Packets
      Use the drop-down menu to define how dropped ICMP packets are logged. Logging can be rate limited to one log instance every 20 seconds. Options include Rate Limited, All or None. The default setting is None.

   Log Dropped Malformed Packets
      Use the drop-down menu to define how dropped malformed packets are logged. Logging can be rate limited to one log instance every 20 seconds. Options include Rate Limited, All or None. The default setting is None.

   Enable Verbose Logging
      Check this box to enable verbose logging mode for the firewall.

6. Select the Enable Stateful DHCP Checks check box to enable the stateful checks of DHCP packet traffic through the firewall. The default setting is enabled. When enabled, all DHCP traffic flows are inspected.

7. Define Flow Timeout intervals for the following flow types impacting the Firewall:

   TCP Close Wait
      Define a flow timeout value in either Seconds (1 - 32,400), Minutes (1 - 540) or Hours (1 - 9). The default setting is 30 seconds.

   TCP Established
      Define a flow timeout value in either Seconds (1 - 32,400), Minutes (1 - 540) or Hours (1 - 9). The default setting is 10,800 seconds.

   TCP Reset
      Define a flow timeout value in either Seconds (1 - 32,400), Minutes (1 - 540) or Hours (1 - 9). The default setting is 10 seconds.

   TCP Setup
      Define a flow timeout value in either Seconds (1 - 32,400), Minutes (1 - 540) or Hours (1 - 9). The default setting is 10 seconds.

   Stateless TCP Flow
      Define a flow timeout value in either Seconds (1 - 32,400), Minutes (1 - 540) or Hours (1 - 9). The default setting is 90 seconds.
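
As an added example (not part of the Brocade guide), the Python code below audits a firewall policy against the timeout ranges, timeout defaults, logging options and DHCP setting listed in steps 5 to 7. The dict layout keyed by the GUI field names, and the names `to_seconds`, `audit` and `SAMPLE`, are assumptions; treating a non-default timeout or a logging value of None as a finding is an illustrative audit policy, not a vendor recommendation.

```python
# Added example: audit firewall policy values against the ranges and defaults in this section.
# Dict keys reuse the GUI field names; the export format itself is hypothetical.
UNIT_SECONDS = {"seconds": 1, "minutes": 60, "hours": 3600}
UNIT_RANGE = {"seconds": (1, 32400), "minutes": (1, 540), "hours": (1, 9)}
DEFAULT_TIMEOUTS = {  # defaults from the guide, in seconds
    "TCP Close Wait": 30, "TCP Established": 10800, "TCP Reset": 10,
    "TCP Setup": 10, "Stateless TCP Flow": 90,
}
LOG_FIELDS = ("Log Dropped ICMP Packets", "Log Dropped Malformed Packets")

def to_seconds(value, unit):
    """Validate a (value, unit) pair against the documented range; return seconds."""
    unit = unit.lower()
    if unit not in UNIT_RANGE:
        raise ValueError(f"unknown unit {unit!r}")
    low, high = UNIT_RANGE[unit]
    if not low <= value <= high:
        raise ValueError(f"{value} {unit} outside {low}-{high}")
    return value * UNIT_SECONDS[unit]

def audit(policy):
    """Return a list of findings for one policy dict; absent fields count as defaults."""
    findings = []
    timeouts = policy.get("timeouts", {})
    for name, default in DEFAULT_TIMEOUTS.items():
        if name not in timeouts:
            continue
        try:
            secs = to_seconds(*timeouts[name])
        except ValueError as exc:
            findings.append(f"{name}: invalid ({exc})")
            continue
        if secs != default:
            findings.append(f"{name}: {secs}s differs from default {default}s")
    for field in LOG_FIELDS:
        if policy.get(field, "None") == "None":  # the documented default is None
            findings.append(f"{field}: dropped packets are not logged")
    if not policy.get("Enable Stateful DHCP Checks", True):
        findings.append("Enable Stateful DHCP Checks: disabled, DHCP flows are not inspected")
    return findings

# Constructed sample input, not taken from a real controller.
SAMPLE = {
    "timeouts": {"TCP Close Wait": (30, "Seconds"), "TCP Established": (9, "Hours"),
                 "TCP Setup": (600, "Minutes")},
    "Log Dropped ICMP Packets": "Rate Limited", "Enable Stateful DHCP Checks": False,
}

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

All three units top out at the same 32,400 seconds, so a value such as 600 Minutes is rejected even though it looks plausible.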