Chapter 15 Firewall Configuration

Table 96 Firewall: Threshold (continued)

| LABEL | DESCRIPTION | DEFAULT VALUES |
| --- | --- | --- |
| Maximum Incomplete High | This is the number of existing half-open sessions that causes the firewall to start deleting half-open sessions. When the number of existing half-open sessions rises above this number, the ZyXEL Device deletes half-open sessions as required to accommodate new connection requests. Do not set Maximum Incomplete High to lower than the current Maximum Incomplete Low number. | 100 existing half-open sessions. The above values cause the ZyXEL Device to start deleting half-open sessions when the number of existing half-open sessions rises above 100, and to stop deleting half-open sessions when the number of existing half-open sessions drops below 80. |
| TCP Maximum Incomplete | This is the number of existing half-open TCP sessions with the same destination host IP address that causes the firewall to start dropping half-open sessions to that same destination host IP address. Enter a number between 1 and 256. As a general rule, you should choose a smaller number for a smaller network, a slower system or limited bandwidth. | 30 existing half-open TCP sessions. |
| Action taken when the TCP Maximum Incomplete reached threshold | | |
| Delete the Oldest Half Open Session when New Connection Request Comes. | Select this radio button to clear the oldest half-open session when a new connection request comes. | |
| Deny New Connection Request for | Select this radio button and specify for how long the ZyXEL Device should block new connection requests when TCP Maximum Incomplete is reached. Enter the length of blocking time in minutes (between 1 and 256). | |
| Apply | Click Apply to save your changes back to the ZyXEL Device. | |
| Cancel | Click Cancel to begin configuring this screen afresh. | |
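The thresholds in Table 96, modelled as an added example (not code from this guide or from ZyXEL firmware) to compare the two TCP Maximum Incomplete actions when one host receives a burst of half-open sessions. The class and function names, the per-destination scope of the deny timer and the single-burst cleanup between High and Low are assumptions; the address is constructed.

```python
from collections import deque

class HalfOpenTracker:
    """Toy model of the Table 96 thresholds; behaviour beyond the table is assumed."""
    def __init__(self, high=100, low=80, tcp_max=30, action="delete_oldest", deny_minutes=1):
        self.high, self.low, self.tcp_max = high, low, tcp_max
        self.action, self.deny_seconds = action, deny_minutes * 60
        self.sessions = deque()      # (dst, session_id), oldest first
        self.blocked_until = {}      # dst -> time the deny window ends (assumed per host)
        self.deleted = []            # session ids removed by the firewall

    def _count(self, dst):
        return sum(1 for d, _ in self.sessions if d == dst)

    def _drop_oldest(self, dst=None):
        # Remove the oldest half-open session, optionally for one destination only.
        for item in self.sessions:
            if dst is None or item[0] == dst:
                self.sessions.remove(item)
                self.deleted.append(item[1])
                return

    def syn(self, now, dst, session_id):
        """A new connection request arrives; returns True if it is admitted."""
        if now < self.blocked_until.get(dst, 0):
            return False
        if self._count(dst) >= self.tcp_max:          # TCP Maximum Incomplete reached
            if self.action == "deny":                 # Deny New Connection Request for N minutes
                self.blocked_until[dst] = now + self.deny_seconds
                return False
            self._drop_oldest(dst)                    # Delete the Oldest Half Open Session
        self.sessions.append((dst, session_id))
        if len(self.sessions) > self.high:            # rose above Maximum Incomplete High
            while len(self.sessions) >= self.low:     # delete until below Maximum Incomplete Low
                self._drop_oldest()
        return True

    def established(self, session_id):
        """Handshake completed: the session is no longer half-open."""
        self.sessions = deque(s for s in self.sessions if s[1] != session_id)

def demo(action):
    # Constructed input: one legitimate SYN, then 40 unanswered SYNs to the same host.
    t = HalfOpenTracker(action=action, deny_minutes=5)
    admitted = [t.syn(0, "10.0.0.5", "legit")]
    admitted += [t.syn(1, "10.0.0.5", f"flood-{i}") for i in range(40)]
    return sum(admitted), "legit" in t.deleted
```

With the default of 30, delete-oldest keeps admitting requests but evicts the legitimate half-open session, while deny protects existing sessions and refuses every new request to that host until the timer ends.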

 

 

 

15.9 Firewall Commands

The following describes the firewall commands. See the Command Interpreter appendix for information on the command structure. Each of these commands must be preceded by sys firewall when you use them. For example, type sys firewall active yes to turn on the firewall.

Table 97 Sys Firewall Commands

| COMMAND | | DESCRIPTION |
| --- | --- | --- |
| acl | | |
| | disp | Displays ACLs or a specific ACL set # and rule #. |
| active | <yesno> | Active firewall or deactivate firewall. Enables/disables the firewall. |
| cnt | | |


 

P-2602HWLNI User’s Guide