TCPSynUrg The TCP URG flag together with SYN; normally
invalid (strip=strip URG). (Default: DropLog)
TCPSynPsh The TCP PSH flag together with SYN; normally
invalid but always used by some IP stacks
(strip=strip PSH). (Default: StripSilent)
TCPSynRst The TCP RST flag together with SYN; normally
invalid (strip=strip RST). (Default: DropLog)
TCPSynFin The TCP FIN flag together with SYN; normally
invalid (strip=strip FIN). (Default: DropLog)
TCPSynFrag Fragmented data together with SYN; not invalid
but can be used for DoS attacks. (Default: DropLog)
TCPSynData Payload data together with SYN; not invalid but
can be used for DoS attacks. (Default: DropLog)
TCPFinUrg The TCP URG flag together with FIN; normally
invalid (strip=strip URG). (Default: DropLog)
TCPUrg The TCP URG flag; many operating systems cannot
handle this correctly. (Default: StripLog)
TCPECN The Explicit Congestion Notification (ECN) flags.
Previously known as "XMAS"/"YMAS" flags. Also
used in OS fingerprinting. (Default: StripLog)
TCPRF The TCP Reserved field: should be zero. Used in OS
fingerprinting. Also part of ECN extension. (Default:
StripLog)
TCPNULL TCP "NULL" packets without SYN, ACK, FIN or RST;
normally invalid, used by scanners. (Default:
DropLog)
TCPSequenceNumbers Validation of TCP sequence numbers. (Default:
ValidateLogBad)
TCPAllowReopen Allow clients to re-open TCP connections that are
in the closed state. (Default: No)
Note
This object type does not have an identifier and is identified by the name of the type
only. There can only be one instance of this type.
Chapter 3: Configuration Reference
306
To Next Page
Loading...
