Firewall config, Configure the firewall options, Firewall commands – Technicolor - Thomson ST585 V6 User Manual
Page 360: Syntax
E-DOC-CTC-20061027-0004 v1.0
Firewall Commands
336
firewall config
Configure the firewall options.
SYNTAX:
where:
firewall config
[state = <{disabled | enabled}>]
[keep = <{disabled | enabled}>]
[tcpchecks = <{none | fast | exact}>]
[udpchecks = <{disabled|enabled}>]
[icmpchecks = <{disabled | enabled}>]
[logdefault = <{disabled | enabled}>]
[logthreshold = <{disabled | enabled}>]
[tcpwindow = <number{0-1073725440}>]
state
Enable or disable the firewall.
The default is
enabled
.
OPTIONAL
keep
The firewall keeps active connections (enabled) or not
(disabled) when the firewall rules change.
The default is
disabled
.
OPTIONAL
tcpchecks
Select the level of TCP sequence number checks. Choose
between:
>
none
: no TCP checks are done.
>
fast
: check all the combinations of flag and disallow all the
possible illegal combinations shown below:
SYN PSH (SYN PSH URG,...)
SYN FIN (SYN FIN PSH, SYN FIN RST PSH,...)
FIN flag set without ACK
All flags set
No flags set.
>
exact
: check and permit only combinations of flag with the
TCP state of a connection:
SYN: request to open connection
SYN ACK: agree to open connection
A, PA, AU, PAU: acknowledgement of receipt
FA, FAP, FAU, FAP, FAPU, FAU, FPAU: request to close
connection
R, RA, RP, RU, RPA, RPU, RAU, RPAU: tear down
connection.
The default is
none
.
OPTIONAL
udpchecks
Disable or enable keeping UDP checks.
The default is
enabled
.
OPTIONAL
icmpchecks
Disable or enable keeping ICMP checks.
The default is
enabled
.
OPTIONAL