Configuring firewall settings 132 – SMC Networks ADSL Barricade SMC7204BRA User Manual

Configuring Firewall Settings

132

2. Configure any of the following settings that figure in the

[Firewall Global Information] table:

Field

Description

Blacklist Status:

If you want the device to maintain and use a black list,
click [Enable]. Click [Disable] if you do not want to maintain
a list.

Blacklist Period(min):

This field specifies the number of minutes that a
computer's IP address will remain on the black list (i.e., all
traffic originating from that computer will be blocked from
passing through any interface on the ADSL Barricade).
For more information, see Managing the Black List on
page 134.

Attack Protection:

Click the [Enable] radio button to use the built-in firewall
protections that prevent the following common types of
attacks.

IP Spoofing: Sending packets over the WAN interface
using an internal LAN IP address as the source address.

Tear Drop: Sending packets that contain overlapping
fragments.

Smurf and Fraggle: Sending packets that use the WAN or
LAN IP broadcast address as the source address.

Land Attack: Sending packets that use the same address
as the source and destination address.

Ping of Death: Illegal IP packet length.

Dos Protection:

Click the [Enable] radio button to use the following denial
of service protections: SYN DoS, ICMP DoS, Per-host
DoS protection.

Max Half open TCP
Conn.:

This field sets the percentage of concurrent IP sessions
that can be in the half-open state. In ordinary TCP
communication, packets are in the half-open state only
briefly as a connection is being initiated; the state
changes to active when packets are being exchanged, or
closed when the exchange is complete. TCP connections
in the half-open state can use up the available IP
sessions. If the percentage is exceeded, then the half-open
sessions will be closed and replaced with new sessions
as they are initiated.