User`s manual
P-660 Series Support Notes
185
All contents copyright © 2005 ZyXEL Communications Corporation.
<0~255> sessions to max-
incomplete-low
max-
incomplete-low
<0~255>
The threshold to stop
deleting the half-opened
session
tcp-max-
incomplete
<0~255>
The threshold to start
executing the block field
set
<set#>
name <desired
name>
Edit the name for a set
default-permit
<forward|block>
Edit whether a packet is
dropped or allowed when
it does not match the
default set
icmp-timeout
<seconds>
Edit the timeout for an idle
ICMP session before it is
terminated
udp-idle-timeout
<seconds>
Edit the timeout for an idle
UDP session before it is
terminated
connection-
timeout
<seconds>
Edit the wait time for the
SYN TCP sessions before
it is terminated
fin-wait-timeout
<seconds>
Edit the wait time for FIN
in concluding a TCP
session before it is
terminated
tcp-idle-timeout
<seconds>
Edit the timeout for an idle
TCP session before it is
terminated
pnc <yes|no>
PNC is allowed when 'yes'
is set even there is a rule
to block PNC
log <yes|no>
Switch on/off sending the
log for matching the
default permit
rule <rule#> permit
<forward|block>
Edit whether a packet is
dropped or allowed when
it matches this rule
active <yes|no> Edit whether a rule is
enabled or not
protocol <0~255> Edit the protocol number
for a rule. 1=ICMP,
6=TCP, 17=UDP...
log
<none|match|not-
match|both>
Sending a log for a rule
when the packet
none|matches|not
match|both the rule
alert <yes|no> Activate or deactivate the
notification when a DoS
attack occurs or there is a
violation of any alert
settings. In case of such
instances, the function will
send an email to the
SMTP destination address
and log an alert.
srcaddr-single <ip
address>
Select and edit a source
address of a packet which