Technical data
3. Base configuration
PF_FORWARD_LOG Defines whether rejected packets should be logged by the kernel. Log output
can be directed to the syslog daemon by activating OPT_KLOGD.
PF_FORWARD_LOG_LIMIT Defines how often log entries may be generated. The frequency is
given as n/time-unit, optionally followed by a colon and a burst size, analogous to the
limit constraints, e.g. 3/minute:5. If this entry is empty a default of 1/second:5 is
used; if it is set to none, rate limiting of log entries is disabled.
PF_FORWARD_REJ_LIMIT PF_FORWARD_UDP_REJ_LIMIT Specify how often a REJECT
packet is generated when rejecting incoming packets. The frequency uses the same
n/time-unit[:burst] syntax as the limit constraints, e.g. 3/minute:5. If the entry is
empty a default of 1/second:5 is used; if it is set to none, the limit is disabled.
Keeping a limit in place means a flood of unwanted packets cannot turn the router into
the source of an equally large stream of error replies.
PF_FORWARD_N PF_FORWARD_x PF_FORWARD_x_COMMENT A list of rules describing which
packets the router should forward and which it should reject.
The OUTPUT-Chain
The OUTPUT chain configures what the router itself is allowed to access. If no rule of the
OUTPUT chain matches, the default action (the policy) handles the packet, and the log variable
decides whether a rejection is written to the system log or not.
With these parameters the following restrictions apply:
• Only ACCEPT, DROP and REJECT can be specified as actions.
• For interface constraints only the output interface can be restricted.
PF_OUTPUT_POLICY This variable describes the default action to be taken if no other
rule applies. Possible values:
• ACCEPT
• REJECT
• DROP
PF_OUTPUT_ACCEPT_DEF If this variable is set to ‘yes’, the default rules necessary for the
correct functioning of the router are generated. Use ‘yes’ as the default here.
If you want to configure the router’s behaviour completely yourself you may enter ‘no’
here, but you then have to define all rules on your own. An equivalent of the default
behaviour looks like this:
PF_OUTPUT_ACCEPT_DEF='no'
PF_OUTPUT_N='1'
PF_OUTPUT_1='state:ESTABLISHED,RELATED ACCEPT'
This single rule accepts only packets belonging to connections the router has already
opened (i.e. packets in state ESTABLISHED or RELATED); everything else falls through to
PF_OUTPUT_POLICY.
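The two pieces of syntax described above, the n/time-unit[:burst] limit specification and the
OUTPUT chain variables, are easy to get subtly wrong in a config file. The following shell
functions are an added example, not fli4l's own code: they validate a limit specification
(empty means the 1/second:5 default, none disables the limit) and turn the OUTPUT policy,
PF_OUTPUT_ACCEPT_DEF and a list of state:... rules into iptables commands. The mapping to
"-m limit --limit N/UNIT --limit-burst B" and "-m state --state LIST" is an assumption about
how the router translates its configuration; only the configuration syntax itself comes from
the text. Running the demo at the bottom shows that ACCEPT_DEF='yes' and the single
'state:ESTABLISHED,RELATED ACCEPT' rule produce the same chain.

```shell
#!/bin/sh
# Added example (not fli4l's code). The iptables argument mapping below is an
# assumption; the config syntax (N/UNIT[:BURST], "none", empty = default,
# state:LIST, ACCEPT/DROP/REJECT) is what the documentation describes.

# pf_limit_args SPEC
#   ""           -> the documented default 1/second:5
#   "none"       -> no limit at all (prints nothing)
#   "N/UNIT[:B]" -> -m limit --limit N/UNIT --limit-burst B (B defaults to 5)
# Returns 1 on a malformed specification.
pf_limit_args() {
    spec=$1
    [ -z "$spec" ] && spec='1/second:5'
    [ "$spec" = none ] && return 0
    rate=${spec%%:*}            # part before the colon
    burst=5
    case $spec in
        *:*) burst=${spec#*:} ;;
    esac
    n=${rate%%/*}
    unit=${rate#*/}
    case $n in     ''|*[!0-9]*|0*) return 1 ;; esac   # positive integer, no leading 0
    case $burst in ''|*[!0-9]*|0*) return 1 ;; esac
    case $unit in
        second|minute|hour|day) ;;
        *) return 1 ;;                                  # unknown time unit
    esac
    printf '%s\n' "-m limit --limit $n/$unit --limit-burst $burst"
}

# pf_output_chain POLICY ACCEPT_DEF [RULE...]
#   Prints one iptables command per line for the OUTPUT chain. Each RULE is
#   "[state:LIST] ACTION" with the action as last word; only the constraints
#   this section documents are accepted. ACCEPT_DEF=yes prepends the default
#   rule that keeps the router's own connections working. Returns 1 on a
#   disallowed policy, action or constraint.
pf_output_chain() {
    policy=$1; accept_def=$2; shift 2
    case $policy in
        ACCEPT|DROP|REJECT) ;;
        *) return 1 ;;
    esac
    printf 'iptables -P OUTPUT %s\n' "$policy"
    if [ "$accept_def" = yes ]; then
        printf 'iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT\n'
    fi
    for rule in "$@"; do
        match=''; action=''
        for word in $rule; do
            [ -z "$action" ] || return 1            # the action must be the last word
            case $word in
                state:*)            match="$match -m state --state ${word#state:}" ;;
                ACCEPT|DROP|REJECT) action=$word ;;
                *)                  return 1 ;;     # constraint not documented here
            esac
        done
        [ -n "$action" ] || return 1
        printf 'iptables -A OUTPUT%s -j %s\n' "$match" "$action"
    done
}

# Demo with the values from the text (constructed input).
pf_limit_args '3/minute:5'
pf_output_chain REJECT yes
pf_output_chain REJECT no 'state:ESTABLISHED,RELATED ACCEPT'
```

Both pf_output_chain calls in the demo print the same two commands, which is exactly the
equivalence the text states; a rule such as 'state:NEW LOG' is rejected because LOG is not
one of the three actions the OUTPUT chain allows.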