Windows: Firewall parameters
These parameters affect the behavior of the S-TAP with respect to the firewall.
These parameters are stored in the [TAP] section of the S-TAP properties file.
CAUTION:
These are advanced parameters and are usually
modified by IBM Technical Support only.
| GIM | guard_tap.ini | Default value | Description |
|---|---|---|---|
| WSTAP_FIREWALL_INSTALLED | FIREWALL_INSTALLED | 0 | Firewall feature enabled. 1=yes, 0=no. |
| WSTAP_FIREWALL_TIMEOUT | FIREWALL_TIMEOUT | 10 | Time, in seconds to, wait for a verdict from the Guardium system if the firewall timed out. Look at firewall_fail_close value to know whether to block or allow the connection. The value can be any integer value. |
| WSTAP_FAIL_CLOSE | FIREWALL_FAIL_CLOSE | 0 | If the verdict does not come back from the Guardium system and the firewall_timeout expires: if firewall_close = 0 the connection goes through; if firewall_close=1 the connection is blocked. |
| WSTAP_DEFAULT_STATE | FIREWALL_DEFAULT_STATE | 0 | 0: An event triggers traffic in a session to be watched and checked for firewall policy violations. |
| WSTAP_FORCE_WATCH | FIREWALL_FORCE_WATCH | NULL | When the firewall feature is enabled and firewall_default_state is 0, the session is watched automatically when its client IP matches one of this list of IP/MASK values. The list itself is separated with commas, for example, 1.1.1.1/1.1.1.1,2.2.2.2/2.2.2.2 |
| WSTAP_FORCE_UNWATCH | FIREWALL_FORCE_UNWATCH | NULL | When the firewall feature is enabled and firewall_default_state is 1, the session is unwatched automatically when its client IP matches one of this list of IP/MASK values. The list itself is separated with commas, for example, 1.1.1.1/1.1.1.1,2.2.2.2/2.2.2.2, |