̈ Chapter 8: Firewall LANCOM Reference Manual LCOS 3.50
149
Firewall
If an action is given without any associated limit, then implicitly a
packet limit is assumed that is immediately exceeded with the first
packet.
̈ Packet action
These packet actions can be combined arbitrarily. If you choose absurd or
ambiguous actions (e. g.: Accept + Drop), then the more secured action
will be taken (here: “Drop”).
Packet (rel) Number of packets/second, minute, hour on the connec-
tion after which the action is executed.
%lcps
%lcpm
%lcph
Global data
(abs)
Global data (abs): Absolute number of kilobytes received
from the destination station or sent to it, after which the
action is executed.
%lgd
Global data (rel) Number of kilobytes/second, minute or hour received
from the destination station or sent to it, after which the
action is executed.
%lgds
%lgdm
%lgdh
Global packet
(abs)
Absolute number of packets received from the destina-
tion station or sent to it, after which the action is exe-
cuted.
%lgp
Global packet
(rel)
Number of packets/second, minute or hour received
from the destination station or sent to it, after which the
action is executed.
%lgps
%lgpm
%lgph
Receive option Limit restriction to the direction of reception (this affects
in the context with above limitations). In the ID object
column, examples are indicated.
%lgdsr
%lcdsr
Transmit option Limit restriction to the sending direction (this affects in
the context with above limitations). In the ID object col-
umn, examples are indicated.
%lgdst
%lcdst
Packet
action
Description Object
ID
Accept The packet will be accepted. %a
Reject The packet will be rejected with the corresponding error
message.
%r
Drop The packet will be discarded silently. %d
Limit Description Object
ID