ZyXEL Communications 91-009-073003B manual 524

DESCRIPTION

To edit what action the ZyWALL takes when a packet matches a signature,

select the signature and use the Action icon.

original setting: Select this action to return each signature in a service

group to its previously saved configuration.

none: Select this action on an individual signature or a complete service

group to have the ZyWALL take no action when a packet matches a rule.

drop: Select this action on an individual signature or a complete service

group to have the ZyWALL silently drop a packet that matches a rule.

Neither sender nor receiver are notified.

reject-sender: Select this action on an individual signature or a

complete service group to have the ZyWALL send a reset to the sender

when a packet matches the signature. If it is a TCP attack packet, the

ZyWALL will send a packet with a ‘RST’ flag. If it is an ICMP or UDP attack

packet, the ZyWALL will send an ICMP unreachable packet.

reject-receiver: Select this action on an individual signature or a

complete service group to have the ZyWALL send a reset to the receiver

when a packet matches the rule. If it is a TCP attack packet, the ZyWALL

will send a packet with an a ‘RST’ flag. If it is an ICMP or UDP attack

packet, the ZyWALL will do nothing.

reject-both: Select this action on an individual signature or a complete

service group to have the ZyWALL send a reset to both the sender and

receiver when a packet matches the rule. If it is a TCP attack packet, the

ZyWALL will send a packet with a ‘RST’ flag to the receiver and sender. If

it is an ICMP or UDP attack packet, the ZyWALL will send an ICMP

unreachable packet.

This is the entry’s index number in the list.

The activate (light bulb) icon is lit when the entry is active and dimmed

when the entry is inactive.

This is the name of the protocol anomaly rule. Click the Name column

heading to sort in ascending or descending order according to the

protocol anomaly rule name.

Click the icon to enable or disable a rule or group of rules.

These are the log options. To edit this, select an item and use the Log

icon.

This is the action the ZyWALL should take when a packet matches a rule.

To edit this, select an item and use the Action icon.

Select whether to have the ZyWALL generate a log (log), log and alert

(log alert) or neither (no) when traffic matches this anomaly rule. See

Chapter 46 on page 723 for more on logs.

Select what the ZyWALL should do when a packet matches a rule.

none: The ZyWALL takes no action when a packet matches the

signature(s).

block: The ZyWALL silently drops packets that matches the rule. Neither

sender nor receiver are notified.

524

ZyWALL USG 50 User’s Guide