Configuring the Wireless Barricade g Router
Parameter | Defaults | Description |
Fragmentation | 10 sec | Configures the number of seconds that a |
| packet state structure remains active. When | |
|
| the timeout value expires, the router drops |
|
| the unassembled packet, freeing that |
|
| structure for use by another packet. |
TCP SYN wait | 30 sec | Defines how long the software will wait for a |
|
| TCP session to synchronize before dropping |
|
| the session. |
TCP FIN wait | 5 sec | Specifies how long a TCP session will be |
|
| maintained after the firewall detects a FIN |
|
| packet. |
TCP connection idle | 3600 seconds | The length of time a TCP session will be |
timeout | (1 hour) | maintained if there is no activity. |
UDP session idle | 30 sec | The length of time a UDP session will |
timeout |
| maintained if there is no activity. |
|
|
|
H.323 data channel | 180 sec | The length of time an H.323 session will be |
idle timeout |
| maintained if there is no activity. |
|
|
|
DoS Criteria and Port Scan Criteria
Set up DoS and port scan criteria in the spaces provided (as shown below).
Parameter | Defaults | Description |
Total incomplete TCP/UDP | 300 sessions | Defines the rate of newly |
sessions HIGH |
| unestablished sessions that will |
|
| cause the software to start |
|
| deleting |
Total incomplete TCP/UDP | 250 sessions | Defines the rate of newly |
sessions LOW |
| unestablished sessions that will |
|
| cause the software to stop |
|
| deleting |
Incomplete TCP/UDP sessions | 250 sessions | Maximum number of allowed |
(per min.) HIGH |
| incomplete TCP/UDP sessions |
|
| per minute. |
Incomplete TCP/UDP sessions | 200 sessions | Minimum number of allowed |
(per min.) LOW |
| incomplete TCP/UDP sessions |
|
| per minute. Set this to “0” if no |
|
| minimum setting is required. |
Maximum incomplete TCP/UDP | 10 sessions | Maximum number of |
sessions number from same |
| incomplete TCP/UDP sessions |
host |
| from the same host. |
|
|
|
58
