User`s guide

ManualsBrandsDigi ManualsComputer equipmentTransPort WR41

341

342

343

344

345

346

347

348

349

350

345

Restore

If, after reviewing changes to the table it is decided that the edit should be abandoned,

clicking this button will restore the original “fw.txt” to the table, provided that they have not

been saved.

Below the firewall editor table is another table that controls which interfaces the firewall

rules apply to.

Interface

This column is simply a list of the available interfaces to which the firewall rules may be

applied.

Enabled

Check the checkbox next to the interface(s) that the firewall should operate on in order to

enable the firewall for that interface.

Related CLI Commands

Entity

Instance

Parameter

Values

Equivalent Web Parameter

fw n/a logclr - Reset Hit Counters

fw n/a save - Save

fw n/a - - Restore

The firewall rule hits may be viewed from the command line console by using the command:

type fwstat.hit

Configuration – Security > Firewall > Stateful Inspection Settings

The page described below contains timer timeout values and other options that are used by

the firewall stateful inspection module. This module establishes firewall rules that last for

the duration of a single connection only. Typically, the first packet of a TCP connection (SYN

packet) is used to create a stateful inspection rule that only allows subsequent packets for

that TCP connection through the firewall. The timers described below are used to set limits

on how long such rules persist.

Timers

TCP Opening s seconds

The value in this text box specifies the length of time following receipt of a TCP packet that

causes a stateful inspection rule to be created before a TCP connection must be established.

If a TCP connection is not established within this period, the associated stateful rule will be

removed.

TCP Open s seconds

The value in this text box specifies the length of time that an established TCP connection

may remain idle before the stateful inspection rule created for it is removed. The timer is

restarted each time a packet is processed by the associated stateful inspection rule.

TCP Closing s seconds

The value in this text box specifies the length of time that is allowed for a TCP socket to

close once the first FIN packet has been received. If the timer expires before the socket has

completed closing, the stateful inspection rule is removed.

TCP Closed s seconds

The value in this text box specifies the length of time that a stateful inspection rule will

remain in place after a TCP connection has closed.