- SMC Cable/DSL Broadband Router User Guide
Configuring the Wireless Barricade g Router
58
DoS Criteria and Port Scan Criteria
Set up DoS and port scan criteria in the spaces provided (as
shown below).
Parameter Defaults Description
Fragmentation
half-open wait
10 sec Configures the number of seconds that a
packet state structure remains active. When
the timeout value expires, the router drops
the unassembled packet, freeing that
structure for use by another packet.
TCP SYN wait 30 sec Defines how long the software will wait for a
TCP session to synchronize before dropping
the session.
TCP FIN wait 5 sec Specifies how long a TCP session will be
maintained after the firewall detects a FIN
packet.
TCP connection idle
timeout
3600 seconds
(1 hour)
The length of time a TCP session will be
maintained if there is no activity.
UDP session idle
timeout
30 sec The length of time a UDP session will
maintained if there is no activity.
H.323 data channel
idle timeout
180 sec The length of time an H.323 session will be
maintained if there is no activity.
Parameter Defaults Description
Total incomplete TCP/UDP
sessions HIGH
300 sessions Defines the rate of newly
unestablished sessions that will
cause the software to start
deleting half-open sessions.
Total incomplete TCP/UDP
sessions LOW
250 sessions Defines the rate of newly
unestablished sessions that will
cause the software to stop
deleting half-open sessions.
Incomplete TCP/UDP sessions
(per min.) HIGH
250 sessions Maximum number of allowed
incomplete TCP/UDP sessions
per minute.
Incomplete TCP/UDP sessions
(per min.) LOW
200 sessions Minimum number of allowed
incomplete TCP/UDP sessions
per minute. Set this to “0” if no
minimum setting is required.
Maximum incomplete TCP/UDP
sessions number from same
host
10 sessions Maximum number of
incomplete TCP/UDP sessions
from the same host.