Firewall: 8.3 The BAT Firewall
BAT54-Rail/F.. Release 7.54 06/08
| Limit | Description | Object ID |
|---|---|---|
| Global data (rel) | Number of kilobytes per second, minute or hour received from the destination station or sent to it, after which the action is executed. | %lgds, %lgdm, %lgdh |
| Global packet (abs) | Absolute number of packets received from the destination station or sent to it, after which the action is executed. | %lgp |
| Global packet (rel) | Number of packets per second, minute or hour received from the destination station or sent to it, after which the action is executed. | %lgps, %lgpm, %lgph |
| Receive option | Restricts the limit to the receive direction (this applies in combination with the limits above). Examples are given in the Object ID column. | %lgdsr, %lcdsr |
| Transmit option | Restricts the limit to the sending direction (this applies in combination with the limits above). Examples are given in the Object ID column. | %lgdst, %lcdst |

Note: If an action is given without any associated limit, a packet limit is implicitly assumed that is immediately exceeded with the first packet.

Packet action

| Packet action | Description | Object ID |
|---|---|---|
| Accept | The packet will be accepted. | %a |
| Reject | The packet will be rejected with the corresponding error message. | %r |
| Drop | The packet will be discarded silently. | %d |

These packet actions can be combined arbitrarily. If you choose absurd or ambiguous actions (e.g. Accept + Drop), the more secure action is taken (here: “Drop”).

Further measures

| Measure | Description | Object ID |
|---|---|---|
| Syslog | Gives a detailed notification via SYSLOG. | %s |
| Mail | Sends an email to the administrator. | %m |
| SNMP | Sends an SNMP trap. | %n |
| Close port | Closes the destination port for a given time. | %p |
| Deny host | Locks out the sender address for a given time. | %h |
| Disconnect | Disconnects the connection to the remote site from which the packet was received or sent. | %t |
| Zero limit | Resets the limit counter to 0 when the trigger threshold is exceeded. | %z |
| Fragmentation | Forces fragmentation of all packets that do not match the rule. | %f |