GajShield Knowledge Base

All the documents you require to help you configure and manage GajShield firewalls.

How to configure DOS settings on GajShield firewalls

Firmware Version: 4.5+

To  configure DOS settings on GajShield firewall, you can follow these steps:

  1. Login to the GajShield firewall management console using your admin credentials.
  2. Click on Firewall->Policies in the left-hand side menu.
  3. In the right-hand side tab, click on "DoS Settings" and configure the following parameters

  1. If you want to drop source routed packets, enable it by clicking on the checkbox
  2. Similarly if you wish to disable icmp redirect packets, click on the corresponding checkbox
  3. Save the parameters after doing so

You can configure DOS settings for TCP, UDP, ICMP and SYN as shown in the image above

  • By default, each of the DOS settings are disabled. If you wish to enable click on '*' . When you do so, you would see the following screen

  1.  DOS settings can be based on a 'Source IP', 'Destinaltion IP' or a combination of 'Source and Destination IP'. For each type, you can select the 'Packet rate per minutes' above which the packets would be dropped and also the burst rate. You can select the Action as 'Monitor', if you only wish to monitor, but not drop packets. If you wish to drop packets beyond the above thresholds, you will need to set the Action as 'Enable'
  2. Save the settings.

After you have saved the changes, install the firewall policies to enable the configured DOS settings on your GajShield firewall

Note: If you wish to bypass any traffic from the above DOS settings, you can select 'Bypass  DoS Settings' in the firewall policies