Technical data

3. Base configuration
PF_OUTPUT_LOG Defines whether rejected packets should be logged by the kernel. Log output
can be directed to the syslog daemon by activating OPT_KLOGD.
PF_OUTPUT_LOG_LIMIT Defines how often log entries are generated. The frequency is
given as n/time unit with a burst, analogous to the limit constraints, e.g. 3/minute:5.
If this entry is empty a default of 1/second:5 is used; if it is set to none, the limit
constraints are disabled.
PF_OUTPUT_REJ_LIMIT PF_OUTPUT_UDP_REJ_LIMIT Specifies how often a REJECT packet
is generated when rejecting incoming packets. The frequency is given as n/time unit
with a burst, analogous to the limit constraints, e.g. 3/minute:5. If the limit is
exceeded, further packets are dropped silently (DROP) instead of being rejected. If this
entry is empty a default of 1/second:5 is used; if it is set to none, the limit
constraints are disabled.
PF_OUTPUT_N PF_OUTPUT_x PF_OUTPUT_x_COMMENT A list of rules that describe which
packets the router should transmit or drop.
User Defined Lists
In several cases you may want to set up your own chains in which packets are filtered in
more detail. Such chains are defined and filled with rules via the PF_USR_CHAIN_% variables.
The chain names have to start with usr-; once defined, a chain can be used anywhere in the
INPUT or FORWARD chain as an action. The ICMP filter chain used earlier serves as an example:
PF_USR_CHAIN_N='1'
#
# create usr-in-icmp
#
PF_USR_CHAIN_1_NAME='usr-in-icmp'
#
# add rule to usr-in-icmp
#
PF_USR_CHAIN_1_RULE_N='2'
PF_USR_CHAIN_1_RULE_1='prot:icmp:echo-request length:0-150 limit:1/second:5 ACCEPT'
PF_USR_CHAIN_1_RULE_2='state:RELATED ACCEPT'
#
# use chain in PF_INPUT
#
PF_INPUT_2='prot:icmp usr-in-icmp'
PF_USR_CHAIN_N Defines the number of user-defined chains.
PF_USR_CHAIN_x_NAME Defines the name of a user-defined chain. The name has to be
prefixed by usr-.
PF_USR_CHAIN_x_RULE_N PF_USR_CHAIN_x_RULE_x PF_USR_CHAIN_x_RULE_x_COMMENT These
variables define the rules to be inserted into the user-defined chain. Any rule that is
valid for the FORWARD chain may be used here. If no rule of the user-defined chain matches,
the router returns to the parent chain and continues with the rule following the one that
branched into the user-defined chain.
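As an added example that is not part of the fli4l documentation or its own configuration checker, the following Python script applies the constraints stated in this section (usr- prefix, n/time unit:burst limit syntax, chain references resolving to defined chains) to a constructed config: the usr-in-icmp chain from above plus a deliberately broken second chain. It assumes that ACCEPT, DROP and REJECT are the only built-in targets and that the burst part of a limit is optional; neither is stated on this page.

```python
import re

# Constructed sample: the page's usr-in-icmp chain plus a second chain that lacks the
# usr- prefix and uses a malformed limit, and a PF_INPUT rule referencing an undefined chain.
SAMPLE_CONFIG = """PF_USR_CHAIN_N='2'
PF_USR_CHAIN_1_NAME='usr-in-icmp'
PF_USR_CHAIN_1_RULE_N='2'
PF_USR_CHAIN_1_RULE_1='prot:icmp:echo-request length:0-150 limit:1/second:5 ACCEPT'
PF_USR_CHAIN_1_RULE_2='state:RELATED ACCEPT'
PF_USR_CHAIN_2_NAME='in-tcp'
PF_USR_CHAIN_2_RULE_N='1'
PF_USR_CHAIN_2_RULE_1='prot:tcp limit:3/min:5 ACCEPT'
PF_INPUT_N='2'
PF_INPUT_1='prot:icmp usr-in-icmp'
PF_INPUT_2='prot:tcp usr-in-tcp'"""

ASSIGN = re.compile(r"^(\w+)='([^']*)'$")
# n/unit with an optional burst (assumption), e.g. 3/minute:5; 'none' disables the limit.
LIMIT = re.compile(r"^(?:\d+/(?:second|minute|hour|day)(?::\d+)?|none)$")
BUILTIN_TARGETS = {"ACCEPT", "DROP", "REJECT"}  # assumption: the built-in actions recognised here

def parse_config(text):
    """Turn VAR='value' lines into a dict; blank lines and # comments do not match and are skipped."""
    matches = (ASSIGN.match(line.strip()) for line in text.splitlines())
    return {m.group(1): m.group(2) for m in matches if m}

def check_rule(cfg, var, chains):
    """Validate one rule string: every limit: token is well formed and the final
    action is either a built-in target or a defined usr- chain."""
    if var not in cfg:
        return [f"{var}: missing"]
    errors, tokens = [], cfg[var].split()
    for tok in tokens[:-1]:
        if tok.startswith("limit:") and not LIMIT.match(tok[6:]):
            errors.append(f"{var}: malformed limit '{tok}'")
    if not tokens or tokens[-1] not in BUILTIN_TARGETS | chains:
        errors.append(f"{var}: action must be a built-in target or a defined usr- chain")
    return errors

def validate(text):
    """Return the list of problems found in the user-defined chain configuration."""
    cfg = parse_config(text)
    count = lambda key: int(cfg.get(key, "0"))
    names = [cfg.get(f"PF_USR_CHAIN_{i}_NAME", "") for i in range(1, count("PF_USR_CHAIN_N") + 1)]
    errors = [f"PF_USR_CHAIN_{i}_NAME: '{n}' must start with usr-"
              for i, n in enumerate(names, 1) if not n.startswith("usr-")]
    chains = set(names)  # collected before rule checks so chains may reference each other
    rule_vars = [f"PF_USR_CHAIN_{i}_RULE_{j}" for i in range(1, len(names) + 1)
                 for j in range(1, count(f"PF_USR_CHAIN_{i}_RULE_N") + 1)]
    rule_vars += [f"PF_INPUT_{i}" for i in range(1, count("PF_INPUT_N") + 1)]
    for var in rule_vars:
        errors += check_rule(cfg, var, chains)
    return errors
```

Running validate(SAMPLE_CONFIG) reports the missing usr- prefix, the malformed limit and the dangling usr-in-tcp reference, while the page's own usr-in-icmp chain passes cleanly.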