Support User Manuals

ZyXEL Communications 792H Router User Manual

Open as PDF

of 428

Prestige 792H G.SHDSL Router

Firewall Configuration 9-7

Table 9-2 Alert

LABEL DESCRIPTION

One Minute High This is the rate of new half-open sessions that causes the firewall to start deleting

half-open sessions. The default is "100". When the rate of new connection attempts

rises above this number, the Prestige deletes half-open sessions as required to

accommodate new connection attempts. The Prestige stops deleting half-open

sessions when the number is less than the One Minute Low.

Maximum

Incomplete Low

This is the number of existing half-open sessions (default "80") that causes the

firewall to stop deleting half-open sessions.

The Prestige continues to delete half-open requests as necessary, until the number

of existing half-open sessions drops below this number.

Maximum

Incomplete High

This is the number of existing half-open sessions (default "100") that causes the

firewall to start deleting half-open sessions. When the number of existing half-open

sessions rises above this number, the Prestige deletes half-open sessions as

required to accommodate new connection requests. The Prestige stops deleting half-

open sessions when the number is less than the Max Incomplete Low.

Do not set Maximum Incomplete High to lower than the current Max Incomplete

Low number.

TCP Maximum

Incomplete

This is the number of existing half-open TCP sessions (default "10") with the same

destination host IP address that causes the firewall to start dropping half-open

sessions to that same destination host IP address. Enter a number between 1 and

256.

As a general rule, you should choose a smaller number for a smaller network, a

slower system or limited bandwidth.

Blocking Time

When TCP Maximum Incomplete is reached you can choose if the next session

should be allowed or blocked. If you select Blocking Time, any new sessions will be

blocked for the length of time you specify in the next field (min) and all old

incomplete sessions will be cleared during this period.

If you want strong security, it is better to block the traffic for a short time, as it will give

the server some time to digest the loading.

(min)

Type the length of Blocking Time in minutes (1-256). The default is "0".

Back

Click Back to return to the previous screen.

Apply

Click Apply to save your customized settings and exit this screen.

Cancel

Click Cancel to return to the previously saved settings.

previous next