TCPSynUrg
The TCP URG flag together with SYN; normally invalid (strip=strip
URG). (Default: DropLog)
TCPSynPsh
The TCP PSH flag together with SYN; normally invalid but always
used by some IP stacks (strip=strip PSH). (Default: StripSilent)
TCPSynRst
The TCP RST flag together with SYN; normally invalid (strip=strip
RST). (Default: DropLog)
TCPSynFin
The TCP FIN flag together with SYN; normally invalid (strip=strip
FIN). (Default: DropLog)
TCPFinUrg
The TCP URG flag together with FIN; normally invalid (strip=strip
URG). (Default: DropLog)
TCPUrg
The TCP URG flag; many operating systems cannot handle this cor-
rectly. (Default: StripLog)
TCPECN
The Explicit Congestion Notification (ECN) flags. Previously known
as "XMAS"/"YMAS" flags. Also used in OS fingerprinting. (Default:
StripLog)
TCPRF
The TCP Reserved field: should be zero. Used in OS fingerprinting.
Also part of ECN extension. (Default: StripLog)
TCPNULL
TCP "NULL" packets without SYN, ACK, FIN or RST; normally in-
valid, used by scanners. (Default: DropLog)
TCPSequenceNumbers
Validation of TCP sequence numbers. (Default: ValidateLogBad)
TCPAllowReopen
Allow clients to re-open TCP connections that are in the closed state.
(Default: No)
Note
This object type does not have an identifier and is identified by the name of the type
only. There can only be one instance of this type.
3.55.23. VLANSettings
Description
Settings for IEEE 802.1Q based Virtual LAN interfaces.
Properties
UnknownVLANTags
VLAN packets tagged with an unknown ID. (Default: DropLog)
Note
This object type does not have an identifier and is identified by the name of the type
only. There can only be one instance of this type.
3.55.23. VLANSettings
Chapter 3. Configuration Reference
203