Linux-UNIX: S-TAP Control: Firewall parameters
These parameters affect the behavior of the S-TAP with respect to the firewall.
Name | Default value | Description |
---|---|---|
Firewall installed | Firewall feature enabled. Valid values:
|
|
Firewall timeout | 2 | Time, in seconds, to wait for a verdict from the Guardium® system. If the firewall times out, the value of the
parameter Firewall fail close determines whether to block or allow
the connection. Valid values: 0-10. |
Firewall default state | 0 | Valid values:
|
Firewall fail close | The action when the verdict cannot be set by the policy rules, for
example the Firewall timeout expires. Valid values:
|
|
Firewall force watch | When Firewall default state, then
Firewall force watch specifies the network/mask of the IPs you
want the firewall to watch, overriding the default (off). Valid value: comma separated list of IP/mask values. |
|
Firewall force unwatch | When Firewall default state=1 (on),
then Firewall force unwatch specifies the network/mask of the IPs
you want the firewall to ignore, overriding the default (on). Valid value: comma separated list of IP/mask values. |