P-660H/HW/W-T Series User’ Guide
Appendix G 390
config edit firewall attack
minute-low <0-255>
This command sets the threshold of half-open
sessions where the Prestige stops deleting
half-opened sessions.
config edit firewall attack
max-incomplete-high <0-255>
This command sets the threshold of half-open
sessions where the Prestige starts deleting old
half-opened sessions until it gets them down
to the max incomplete low.
config edit firewall attack
max-incomplete-low <0-255>
This command sets the threshold where the
Prestige stops deleting half-opened sessions.
config edit firewall attack
tcp-max-incomplete <0-255>
This command sets the threshold of half-open
TCP sessions with the same destination
where the Prestige starts dropping half-open
sessions to that destination.
Sets config edit firewall set <set
#> name <desired name>
This command sets a name to identify a
specified set.
Config edit firewall set <set
#> default-permit <forward |
block>
This command sets whether a packet is
dropped or allowed through, when it does not
meet a rule within the set.
Config edit firewall set <set
#> icmp-timeout <seconds>
This command sets the time period to allow an
ICMP session to wait for the ICMP response.
Config edit firewall set <set
#> udp-idle-timeout <seconds>
This command sets how long a UDP
connection is allowed to remain inactive
before the Prestige considers the connection
closed.
Config edit firewall set <set
#> connection-timeout
<seconds>
This command sets how long Prestige waits
for a TCP session to be established before
dropping the session.
Config edit firewall set <set
#> fin-wait-timeout <seconds>
This command sets how long the Prestige
leaves a TCP session open after the firewall
detects a FIN-exchange (indicating the end of
the TCP session).
Config edit firewall set <set
#> tcp-idle-timeout <seconds>
This command sets how long Prestige lets an
inactive TCP connection remain open before
considering it closed.
Table 138 Firewall Commands (continued)
FUNCTION COMMAND DESCRIPTION
Comments to this Manuals