How to configure DOS settings on GajShield firewalls
Firmware Version: 4.5+
To configure DOS settings on GajShield firewall, you can follow these steps:
- Login to the GajShield firewall management console using your admin credentials.
- Click on Firewall->Policies in the left-hand side menu.
- In the right-hand side tab, click on "DoS Settings" and configure the following parameters
- If you want to drop source routed packets, enable it by clicking on the checkbox
- Similarly if you wish to disable icmp redirect packets, click on the corresponding checkbox
- Save the parameters after doing so
You can configure DOS settings for TCP, UDP, ICMP and SYN as shown in the image above
- By default, each of the DOS settings are disabled. If you wish to enable click on '*' . When you do so, you would see the following screen
- DOS settings can be based on a 'Source IP', 'Destinaltion IP' or a combination of 'Source and Destination IP'. For each type, you can select the 'Packet rate per minutes' above which the packets would be dropped and also the burst rate. You can select the Action as 'Monitor', if you only wish to monitor, but not drop packets. If you wish to drop packets beyond the above thresholds, you will need to set the Action as 'Enable'
- Save the settings.
After you have saved the changes, install the firewall policies to enable the configured DOS settings on your GajShield firewall
Note: If you wish to bypass any traffic from the above DOS settings, you can select 'Bypass DoS Settings' in the firewall policies