Technical data
3. Base configuration
PF_INPUT_ICMP_ECHO_REQ_LIMIT Defines how often fli4l should react to an ICMP echo request.
The frequency is given as n/time unit with a burst value, analogous to the limit
constraints, e.g. 3/minute:5. Once the limit is reached, further packets are ignored (DROP).
If this entry is empty, a default of 1/second:5 is used; if it is set to none, the limit
constraints are disabled.
PF_INPUT_ICMP_ECHO_REQ_SIZE Defines the maximum allowed size of an ICMP echo request
(in bytes). The value includes the packet header, not only the payload.
The default is 150 bytes.
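As an added illustration (not fli4l's own code, and not a description of the rules fli4l actually generates), the following POSIX shell script parses the n/time unit:burst syntax of PF_INPUT_ICMP_ECHO_REQ_LIMIT, applies the empty and none cases described above, rejects malformed values instead of silently disabling the limit, and renders the limit and size settings as equivalent iptables INPUT rules. The use of the iptables limit and length matches and the placement in the INPUT chain are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not fli4l code: translate PF_INPUT_ICMP_ECHO_REQ_LIMIT and
# PF_INPUT_ICMP_ECHO_REQ_SIZE into equivalent iptables INPUT rules.
# Assumption: the iptables "limit" and "length" matches are used and the
# rules are appended to INPUT; fli4l's real generator may differ.

# icmp_limit_args LIMIT -> prints the arguments for "-m limit"
#   ""            -> default 1/second:5
#   "none"        -> prints nothing (rate limiting disabled)
#   "3/minute:5"  -> --limit 3/minute --limit-burst 5
#   "3/minute"    -> --limit 3/minute (iptables' own default burst applies)
# Returns 1 on a malformed value so that a typo cannot disable the limit.
icmp_limit_args() {
    limit=$1
    [ -z "$limit" ] && limit='1/second:5'
    [ "$limit" = 'none' ] && return 0
    rate=${limit%%:*}
    burst=''
    case $limit in
        *:*) burst=${limit#*:} ;;
    esac
    # rate must be <digits>/<unit> with a unit iptables accepts
    case $rate in
        */second|*/minute|*/hour|*/day) ;;
        *) echo "invalid limit: $limit" >&2; return 1 ;;
    esac
    case ${rate%%/*} in
        ''|*[!0-9]*) echo "invalid limit: $limit" >&2; return 1 ;;
    esac
    if [ -n "$burst" ]; then
        case $burst in
            ''|*[!0-9]*) echo "invalid burst: $limit" >&2; return 1 ;;
        esac
        printf '%s\n' "--limit $rate --limit-burst $burst"
    else
        printf '%s\n' "--limit $rate"
    fi
}

# icmp_echo_rules LIMIT SIZE -> prints the iptables commands, one per line.
# SIZE is the total packet length (header included), default 150.
icmp_echo_rules() {
    limit_args=$(icmp_limit_args "$1") || return 1
    size=${2:-150}
    base="iptables -A INPUT -p icmp --icmp-type echo-request"
    # oversized echo requests are dropped regardless of the rate
    echo "$base -m length --length $((size + 1)):65535 -j DROP"
    if [ -n "$limit_args" ]; then
        # accept while within the limit, drop everything beyond it
        echo "$base -m limit $limit_args -j ACCEPT"
        echo "$base -j DROP"
    else
        echo "$base -j ACCEPT"
    fi
}

# usage: icmp_echo_rules '3/minute:5' 150
```

Running `icmp_echo_rules '3/minute:5' 150` prints the length rule, the rate-limited ACCEPT and the final DROP; `icmp_echo_rules none` prints only the length rule and an unconditional ACCEPT.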
PF_INPUT_N PF_INPUT_x PF_INPUT_x_COMMENT A list of rules describing which
packets the router accepts or rejects.
The FORWARD chain
The FORWARD chain configures which packets the router forwards. If no rule of the
FORWARD chain matches, the default action (policy) handles the packet, and the log
variable decides whether the rejection is written to the system log.
With the parameters used here, only the actions ACCEPT, DROP and REJECT are
allowed.
PF_FORWARD_POLICY This variable describes the default action to be taken if no other
rule applies. Possible values:
• ACCEPT
• REJECT
• DROP
PF_FORWARD_ACCEPT_DEF Determines whether the router accepts packets belonging to
established connections. If this variable is set to 'yes', fli4l automatically generates a
rule accepting packets of the corresponding states:
'state:ESTABLISHED,RELATED ACCEPT',
as well as a rule dropping packets of unknown state:
'state:INVALID DROP',
and finally a rule dropping packets with a spoofed loopback address in either direction:
'state:NEW 127.0.0.1 DROP BIDIRECTIONAL'.
In addition, other subsystems generate default rules of their own. A configuration that
does not use the generated default rules but has port forwarding and OpenVPN would
therefore have to contain at least the following rules:
PF_FORWARD_ACCEPT_DEF='no'
PF_FORWARD_N='5'
PF_FORWARD_1='state:ESTABLISHED,RELATED ACCEPT'
PF_FORWARD_2='state:INVALID DROP'
PF_FORWARD_3='state:NEW 127.0.0.1 DROP BIDIRECTIONAL'
PF_FORWARD_4='pfwaccess-chain'
PF_FORWARD_5='ovpn-chain'
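To make the ordering of these default rules and the effect of BIDIRECTIONAL concrete, the following POSIX shell script is an added example (not fli4l's own code) that renders a FORWARD configuration in the notation of the rules above as iptables commands. It handles only the rule forms that appear on this page: a state: match, a single IPv4 address, the actions ACCEPT/DROP/REJECT, the BIDIRECTIONAL flag and a name-chain entry. Two points are assumptions rather than facts from the page: that name-chain means a jump to the user-defined chain name, and that the rules generated for PF_FORWARD_ACCEPT_DEF='yes' are placed in front of the user's own rules.

```shell
#!/bin/sh
# Added example, not fli4l code: render FORWARD rules written in the notation
# of this page as iptables commands. Assumptions (not from the page):
#   - "name-chain" is a jump to the user-defined chain "name"
#   - rules generated for PF_FORWARD_ACCEPT_DEF='yes' precede the user's rules
#   - connection state is matched with "-m conntrack --ctstate"

# forward_rule RULE -> prints one "iptables -A FORWARD ..." line, or two
# when the rule carries BIDIRECTIONAL (address as source and as destination).
forward_rule() {
    match=''; action=''; addr=''; bidir=0; chain=''
    for tok in $1; do
        case $tok in
            state:*)            match="$match -m conntrack --ctstate ${tok#state:}" ;;
            ACCEPT|DROP|REJECT) action=$tok ;;
            BIDIRECTIONAL)      bidir=1 ;;
            *-chain)            chain=${tok%-chain} ;;
            [0-9]*.[0-9]*.[0-9]*.[0-9]*) addr=$tok ;;
            *) echo "unsupported token: $tok" >&2; return 1 ;;
        esac
    done
    if [ -n "$chain" ]; then
        echo "iptables -A FORWARD -j $chain"
        return 0
    fi
    if [ -z "$action" ]; then
        echo "rule without action: $1" >&2
        return 1
    fi
    if [ -n "$addr" ]; then
        echo "iptables -A FORWARD$match -s $addr -j $action"
        if [ "$bidir" -eq 1 ]; then
            # BIDIRECTIONAL: the same rule again with the address as destination
            echo "iptables -A FORWARD$match -d $addr -j $action"
        fi
    else
        echo "iptables -A FORWARD$match -j $action"
    fi
    return 0
}

# forward_chain POLICY ACCEPT_DEF RULE... -> prints the complete FORWARD chain:
# the policy, the generated defaults (if ACCEPT_DEF=yes), then the user's rules.
forward_chain() {
    policy=$1; accept_def=$2; shift 2
    echo "iptables -P FORWARD $policy"
    if [ "$accept_def" = yes ]; then
        forward_rule 'state:ESTABLISHED,RELATED ACCEPT'
        forward_rule 'state:INVALID DROP'
        forward_rule 'state:NEW 127.0.0.1 DROP BIDIRECTIONAL'
    fi
    for r in "$@"; do
        forward_rule "$r" || return 1
    done
    return 0
}

# usage: the PF_FORWARD_ACCEPT_DEF='no' configuration from the text
# forward_chain DROP no \
#     'state:ESTABLISHED,RELATED ACCEPT' \
#     'state:INVALID DROP' \
#     'state:NEW 127.0.0.1 DROP BIDIRECTIONAL' \
#     'pfwaccess-chain' 'ovpn-chain'
```

With the five rules from the text and PF_FORWARD_ACCEPT_DEF='no', the script prints the same seven lines as `forward_chain DROP yes 'pfwaccess-chain' 'ovpn-chain'`, which is exactly the equivalence the text describes; the BIDIRECTIONAL rule accounts for two of them.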