Fortinet 548B Switch User Manual


 
- 635 -
packets that have TCP Flags FIN, URG, and PSH set and TCP Sequence Number=0. The factory
default is disabled.
TCP Flag&Sequence - Enable or disable this option by selecting the corresponding line on the
pulldown entry field. Enabling TCP Flag DoS prevention causes the switch to drop packets that have
TCP control flags set to 0 and TCP sequence number set to 0. The factory default is disabled.
TCP SYN - Enable or disable this option by selecting the corresponding line on the pulldown entry
field. Enabling TCP SYN DoS prevention causes the switch to drop packets that have TCP Flags SYN
set. The factory default is disabled.
TCP SYN&FIN - Enable or disable this option by selecting the corresponding line on the pulldown
entry field. Enabling TCP SYN & FIN DoS prevention causes the switch to drop packets that have
TCP Flags SYN and FIN set. The factory default is disabled.
First Fragment - Enable or disable this option by selecting the corresponding line on the pulldown
entry field. Enabling First Fragment DoS prevention causes the switch to drop packets that have a
More fragment equal to 1 and coorperate with other DoS options. The factory default is disabled.
TCP Offset - Enable or disable this option by selecting the corresponding line on the pulldown entry
field. Enabling TCP Offset DoS prevention causes the switch to drop packets that have a TCP header
Offset=1. The factory default is disabled.
Configurable Data
Min TCP Hdr Size - Specify the Min TCP Hdr Size allowed. If First Fragment DoS prevention is
enabled, the switch will drop packets that have a TCP header smaller then this configured Min TCP
Hdr Size. The factory default value is 20.
Max ICMPv4 Pkt Size - Specify the Max ICMPv4 Pkt Size allowed. If ICMP DoS prevention is
enabled, the switch will drop IPv4 ICMP ping packets that have a size greater then this configured
Max ICMP Pkt Size. The factory default value is 512.
Max ICMPv6 Pkt Size - Specify the Max IPv6 ICMP Pkt Size allowed. If ICMP DoS prevention is
enabled, the switch will drop IPv6 ICMP ping packets that have a size greater then this configured
Max ICMP Pkt Size. The factory default value is 512.
Command Buttons
Submit - Update the switch with the values on the screen. If you want the switch to retain the new
values across a power cycle you must perform a save.
11.2.4 Defining Forwarding Database
11.2.4.1 Configuring MAC Table aging interval time Page
Use this panel to set the Address Ageing Timeout for the forwarding database.