13.4. State Settings
Connection Replace
Allows new additions to the NetDefendOS connection list to replace the oldest connections if there
is no available space.
Default: ReplaceLog
Log Open Fails
In some instances where the Rules section determines that a packet should be allowed through, the
stateful inspection mechanism may subsequently decide that the packet cannot open a new
connection. One example of this is a TCP packet that, although allowed by the Rules section and not
being part of an established connection, has its SYN flag off. Such packets can never open new
connections. In addition, new connections can never be opened by ICMP messages other than ICMP
ECHO (Ping). This setting determines if NetDefendOS is to log the occurrence of such packets.
Default: Enabled
Log Reverse Opens
Determines if NetDefendOS logs packets that attempt to open a new connection back through one
that is already open. This only applies to TCP packets with the SYN flag turned on and to ICMP
ECHO packets. In the case of other protocols such as UDP, there is no way of determining whether
the remote peer is attempting to open a new connection.
Default: Enabled
Log State Violations
Determines if NetDefendOS logs packets that violate the expected state switching diagram of a
connection, for example, getting TCP FIN packets in response to TCP SYN packets.
Default: Enabled
Log Connections
Specifies how NetDefendOS, will log connections:
•
NoLog – Does not log any connections; consequently, it will not matter if logging is enabled for
either Allow or NAT rules in the Rules section; they will not be logged. However, FwdFast,
Drop and Reject rules will be logged as stipulated by the settings in the Rules section.
•
Log – Logs connections in short form; gives a short description of the connection, which rule
allowed it to be made and any SAT rules that apply. Connections will also be logged when they
are closed.
•
LogOC – As for Log, but includes the two packets that cause the connection to be opened and
closed. If a connection is closed as the result of a timeout, no ending packet will be logged
•
LogOCAll – Logs all packets involved in opening and closing the connection. In the case of
TCP, this covers all packets with SYN, FIN or RST flags turned on
•
LogAll – Logs all packets in the connection.
13.4. State Settings
Chapter 13. Advanced Settings
437
Содержание 800 - DFL 800 - Security Appliance
Страница 24: ...1 3 NetDefendOS State Engine Packet Flow Chapter 1 NetDefendOS Overview 24 ...
Страница 69: ...2 6 4 Restore to Factory Defaults Chapter 2 Management and Maintenance 69 ...
Страница 121: ...3 9 DNS Chapter 3 Fundamentals 121 ...
Страница 166: ...interfaces without an overriding IGMP Setting Default 1 000 4 6 4 Advanced IGMP Settings Chapter 4 Routing 166 ...
Страница 181: ...4 7 5 Advanced Settings for Transparent Mode Chapter 4 Routing 181 ...
Страница 192: ...5 5 IP Pools Chapter 5 DHCP Services 192 ...
Страница 282: ...6 7 Blacklisting Hosts and Networks Chapter 6 Security Mechanisms 282 ...
Страница 300: ...mechanism 7 3 7 SAT and FwdFast Rules Chapter 7 Address Translation 300 ...
Страница 301: ...7 3 7 SAT and FwdFast Rules Chapter 7 Address Translation 301 ...
Страница 303: ... Changed on a regular basis such as every three months 8 1 Overview Chapter 8 User Authentication 303 ...
Страница 318: ...8 3 Customizing HTML Pages Chapter 8 User Authentication 318 ...
Страница 322: ...ALG 9 1 5 The TLS Alternative for VPN Chapter 9 VPN 322 ...
Страница 377: ...Management Interface Failure with VPN Chapter 9 VPN 377 ...
Страница 408: ...10 4 6 SLB_SAT Rules Chapter 10 Traffic Management 408 ...
Страница 419: ...11 5 HA Advanced Settings Chapter 11 High Availability 419 ...
Страница 426: ...12 3 5 Limitations Chapter 12 ZoneDefense 426 ...
Страница 449: ...13 9 Miscellaneous Settings Chapter 13 Advanced Settings 449 ...