Chapter 8: Firewall LANCOM Reference Manual LCOS 3.50
149
Firewall
If an action is given without any associated limit, then implicitly apacket limit is assumed that is immediately exceeded with the firstpacket.Packet action These packet actions can be combined arbitrarily. If you choose absurd orambiguous actions (e. g.: Accept + Drop), then the more secure d actionwill be taken (here: “Drop”).
Packet (rel) Number of packets/second, minute, hour on the connec-
tion after which the action is executed.
%lcps
%lcpm
%lcph
Global data
(abs) Global data (abs): Absolute number of kilobytes received
from the destination station or sent to it, after which the
action is executed.
%lgd
Global data (rel) Number of kilobytes/second, minute or hour received
from the destination station or sent to it, after which the
action is executed.
%lgds
%lgdm
%lgdh
Global packet
(abs)
Absolute number of packets received from the destina-
tion station or sent to it, after which the action is exe-
cuted.
%lgp
Global packet
(rel) Number of packets/second, minute or hour received
from the destination station or sent to it, after which the
action is executed.
%lgps
%lgpm
%lgph
Receive option Limit restriction to the direction of reception (this affects
in the context with above limitations). In the ID object
column, examples are indicated.
%lgdsr
%lcdsr
Transmit option Limit restriction to the sending direction (this affects in
the context with above limitations). In the ID object col-
umn, examples are indicated.
%lgdst
%lcdst

Packet

action

Description Object

ID

Accept The packet will be accepted. %a
Reject The packet will be rejected with the corresponding error
message. %r
Drop The packet will be discarded silently. %d

Limit Description Object

ID