Firewall
BAT54-Rail/F..
Release
7.54
06/08
8.3
The BAT Firewall
273
Additionally, you can adjust for the limit whether it refers to a logical connec-
tion or to all connections together, which exist between the defined destina-
tion and source stations via the corresponding services. Thus it is controlled
whether the filter takes effect, if e.g. all HTTP connections of the users in the
LAN exceed the limit in sum, or whether it is sufficient that only one of the
parallel established HTTP connections exceeds the threshold value.
For absolute values it is additionally possible to specify whether the counter
belonging to it will be reset to zero when the limit has been reached.
Note: In any case, data will be transferred if a limit has not been reached yet!
With a trigger value of zero a rule becomes immediately active, as soon
as data packets arrive for transmission on the specified connection.
U Packet action
The Firewall has three possibilities to treat a filtered packet:
D Transmit: The packet will be transferred normally.
D Drop: The packet will be discarded silently.
D Reject: The packet will be rejected, the addressee receives an appropri-
ate message via ICMP.
U Further measures
The Firewall does not only serve to discard or accept the filtered data pack-
ets, but it can also take additional measures when a data packet has been
registered by the filter. The measures here are divided into the fields “proto-
colling/notification” and “prevent further attacks”:
D Send a Syslog message: Sends a message via the SYSLOG module to
a SYSLOG client, as defined in configuration field “Log & Trace”.
D Send an email message: Sends an email message to the administrator,
using the account specified in the configuration field “Log & Trace”.
D SNMP/LANmonitor: Sends a SNMP trap, that will be analyzed e. g. by
LANmonitor.
Note: Each of these three message measures leads automatically to an en-
try in the Firewall event table.
D Disconnect: Cuts the connection, over which the filtered packet has been
received.
✔
To Next Page
Loading...
Need help?
General
