Lancom Systems LCOS 3.50 Server User Manual


 
LANCOM Reference Manual LCOS 3.50 ̈ Chapter 8: Firewall
130
Firewall
Limit / Trigger
The limit or trigger describes a quantified threshold value that must be
exceeded on the defined connection before the filter action gets executed for
a data packet. A limit is composed by the following parameters:
̈ Unit (kbit, kbyte or packets)
̈ Amount, that means data rate or number.
̈ Reference value (per second, per minute, per hour or absolute)
Additionally, you can adjust for the limit whether it refers to a logical connec-
tion or to all connections together, which exist between the defined destina-
tion and source stations via the corresponding services. Thus it is controlled
whether the filter takes effect, if e.g. all HTTP connections of the users in the
LAN exceed the limit in sum, or whether it is sufficient that only one of the
parallel established HTTP connections exceeds the threshold value.
For absolute values it is additionally possible to specify whether the counter
belonging to it will be reset to zero when the limit has been reached.
In any case, data will be transferred if a limit has not been reached
yet! With a trigger value of zero a rule becomes immediately active, as
soon as data packets arrive for transmission on the specified connec-
tion.
Packet action
The Firewall has three possibilities to treat a filtered packet:
̈ Transmit: The packet will be transferred normally.
̈ Drop: The packet will be discarded silently.
̈ Reject: The packet will be rejected, the addressee receives an appropriate
message via ICMP.
Further measures
The Firewall does not only serve to discard or accept the filtered data packets,
but it can also take additional measures when a data packet has been regis-
tered by the filter. The measures here are devided into the fields “protocolling/
notification” and “prevent further attacks”:
̈ Send a Syslog message: Sends a message via the SYSLOG module to a
SYSLOG client, as defined in configuration field “Log & Trace”.
̈ Send an email message: Sends an email message to the administrator,
using the account specified in the configuration field “Log & Trace”.