Sharp SMC7004ABR Network Router User Manual


 
Configuring the Barricade Router
54
Connection Policy – Enter the appropriate values for TCP/
UDP sessions as described in the following table.
DoS Criteria and Port Scan Criteria
Set up DoS and port scan criteria in the spaces provided (as
shown below).
Parameter Defaults Description
Fragmentation
half-open wait
10 sec Configures the number of seconds
that a packet state structure
remains active. When the timeout
value expires, the router drops the
unassembled packet, freeing that
structure for use by another packet.
TCP SYN wait 30 sec Defines how long the software will
wait for a TCP session to
synchronize before dropping the
session.
TCP FIN wait 5 sec Specifies how long a TCP session
will be maintained after the firewall
detects a FIN packet.
TCP connection
idle timeout
3600
seconds
(1 hour)
The length of time a TCP session
will be maintained if there is no
activity.
UDP session idle
timeout
30 sec The length of time a UDP session
will maintained if there is no activity.
H.323 data
channel idle
timeout
180 sec The length of time an H.323
session will be maintained if there
is no activity.
Parameter Defaults Description
Total incomplete TCP/
UDP sessions HIGH
300 sessions Defines the rate of newly
unestablished sessions that
will cause the software to
start deleting half-open
sessions.