ZyWALL 2 and ZyWALL 2WE

Chart N-1 Firewall Commands

FUNCTIONCOMMAND

Attack config edit firewall attack send- alert <yes no>

config edit firewall attack block <yes no>

config edit firewall attack block- minute <0-255>

config edit firewall attack minute- high <0-255>

config edit firewall attack minute- low <0-255>

config edit firewall attack max- incomplete-high <0-255>

config edit firewall attack max- incomplete-low <0-255>

config edit firewall attack tcp- max-incomplete <0-255>

DESCRIPTION

This command enables or disables the immediate sending of DOS attack notification e-mail messages.

Set this command to yes to block new traffic after the tcp-max-incomplete threshold is exceeded. Set it to no to delete the oldest half-open session when traffic exceeds the tcp-max-incomplete threshold.

This command sets the number of minutes for new sessions to be blocked when the tcp-max- incomplete threshold is reached. This command is only valid when block is set to yes.

This command sets the threshold rate of new half- open sessions per minute where the ZyWALL starts deleting old half-opened sessions until it gets them down to the minute-low threshold.

This command sets the threshold of half-open sessions where the ZyWALL stops deleting half- opened sessions.

This command sets the threshold of half-open sessions where the ZyWALL starts deleting old half- opened sessions until it gets them down to the max incomplete low.

This command sets the threshold where the ZyWALL stops deleting half-opened sessions.

This command sets the threshold of half-open TCP sessions with the same destination where the ZyWALL starts dropping half-open sessions to that destination.

60

Firewall Commands