3.68. IPSettings
Description
Settings related to the IP protocol.
Properties
EnableIPv6 Enable processing of IPv6 traffic. (Default: No)
IP6LogOnForwardHopLimit0 Log any attempts of forwarding IPv6 packets with
HopLimit=0 destined for outside the firewall; this
should never happen! (Default: DropLog)
IP6AnycastSrc Drop Log packets with anycast source address.
(Default: DropLog)
HopLimitMin The minimum IP Hop-Limit value accepted on
receipt. (Default: 3)
HopLimitOnLow What action to take on too low unicast Hop-Limit
values. (Default: DropLog)
HopLimitMinMulticast The minimum IP multicast Hop-Limit value
accepted on receipt. (Default: 1)
HopLimitOnLowMulticast What action to take on too low multicast Hop-Limit
values. (Default: DropLog)
DefaultHopLimit The default IP Hop-Limit of packets originated by
the firewall (32-255). (Default: 255)
IP6Fl Validate IPV6 Flow label header field. (Default:
Ignore)
IP6TC Validate IPV6 Traffic class header field. (Default:
Ignore)
IP6MaxExtHdr Maximum allowed size of all IP6 extension headers.
(Default: 256)
IP6OnMaxExtHdr Validate the extension header length when it goes
beyond IP6MaxExtHdr. (Default: DropLog)
RejectUnorderedExtHdr Send an ICMPv6 error when encountering
extension headers out of order. (Default: No)
IP6MaxOptHdr Total number of options allowed per IP6 extension
header. (Default: 8)
IP6OnMaxOptHdr Validate the number of options per extension
header when it goes beyond IP6MaxOptHdr.
(Default: DropLog)
IP6ValidateSyntax Validate ipv6 syntax violation. (Default:
ValidateLogBad)
IP6OPT_PADN Validate when ipv6 padn option data fields are
non-zero. (Default: StripLog)
Chapter 3: Configuration Reference
224
To Next Page
Loading...
