Amer Networks E5Web GUI User Manual

Multicast TTL on Low

What action to take on too low multicast TTL values.

Default: DropLog

Default TTL

Indicates which TTL cOS Core is to use when originating a packet. These values are usually
between 64 and 255.

Default: 255

Layer Size Consistency

Verifies that the size information contained in each "layer" (Ethernet, IP, TCP, UDP, ICMP) is
consistent with that of other layers.

Default: ValidateLogBad

SecuRemoteUDP Compatibility

Allow IP data to contain eight bytes more than the UDP total length field specifies. Checkpoint
SecuRemote violates NAT-T drafts.

Default: Disabled

IP Option Sizes

Verifies the size of "IP options". These options are small blocks of information that may be added
to the end of each IP header. This function checks the size of well-known option types and
ensures that no option exceeds the size limit stipulated by the IP header itself.

Default: ValidateLogBad

IP Option Source/Return

Indicates whether source routing options are to be permitted. These options allow the sender of
the packet to control how the packet is to be routed through each router and gateway. These
constitute an enormous security risk. cOS Core never obeys the source routes specified by these
options, regardless of this setting.

Default: DropLog

IP Options Timestamps

Time stamp options instruct each router and gateway on the packet's route to indicate at what
time the packet was forwarded along the route. These options do not occur in normal traffic.
Time stamps may also be used to "record" the route a packet has taken from sender to final
destination. cOS Core never enters information into these options, regardless of this setting.

Default: DropLog

Chapter 12: Advanced Settings

722