Manualshelf

User manual

ManualsBrandsSecure Computing ManualsComputer equipmentSG550
141142143144145146147148149150
Firewall
138
Rate limiting
Note
Rate Limit settings are only available when modifying rules. They cannot be specified
when creating a new rule.
Once you have created a packet filtering rule, you may specify rate limiting settings.
These settings are useful for preventing a service from becoming unavailable should
many connection attempts occur in a short period of time (e.g. in the case of a denial of
service (DOS) attack). Packets that exceed the specified limit can be accepted, rejected
or dropped, and can be logged.
Click the Modify icon next to the rule that you wish to rate limit, and click the Rate Limit
tab.
Check Enable Rate Limiting for this rule.
Rate (per second) is the average number of connections that will be matched before
rate limiting applies, specified as connections per second.
Note
If Access Control is enabled, then packets that traverse Access Control are rate limited
separately from other packets, so that potentially twice the specified rate will be matched.
Burst is the maximum instantaneous burst of connections before rate limiting applies,
specified as the number of connections. This is useful for services that require a multiple
connections within a short time.
Action if Limited is the action to take when a packet matches the packet filter rule, but
exceeds the rate limit.
None: Perform no action for rate limited packets, and continue matching on
subsequent rules. This is useful if you want rate limited packets to fall through to
a more general rule.
Accept: Allow the rate limited packet.