Description
ICMP (Internet Control Message Protocol) Settings
Properties
- OwnIPInICMPv4Size
- How much to include of the original datagram in ICMPv4 error responses generated by the firewall. (Default: Short)
- ICMPSendPerSecLimit
- Maximum number of ICMP responses that the gateway may send each second. (Default: 500)
- ICMPErrorPerSecLimit
- Maximum number of ICMP errors (per second) that may be forwarded by a virtual system. (Default: 5000)
- ICMPErrorPerSecToSPLimit
- Maximum number of ICMP errors (per second) that may be subject to rule lookup. Set to not zero only if you wish to forward
raw ICMP errors that do not match any existing connections. (Default: 0)
- ICMPMaxErrorsPerFlow
- Maximum number of ICMP errors per flow and second. (Default: 50)
- ICMPMaxErrorsPerRule
- Maximum number of ICMP errors per rule and second. (Default: 5000)
- ICMPValidateChecksum
- How to handle the ICMP checksum. (Default: IfHWAssistedLogBad)
- ICMP_SeqNoScramble
- Add a random value to the sequence number (the same random value is used for all messages in a connection). (Default: Yes)
- ICMP_SeqNoTrack
- Whether to track ICMP sequence numbers. (Default: DropLog)
- ICMP_DataTrack
- Whether to track the data contents in ICMP 'ping' messages. (Default: Ignore)
- IP4NetworkUnreachable
- How to handle ICMPv4 error 'destination unreachable' (network unreachable). (Default: ObeyService)
- IP4HostUnreachable
- How to handle ICMPv4 error 'destination unreachable' (host unreachable). (Default: ObeyService)
- IP4ProtocolUnreachable
- How to handle ICMPv4 error 'destination unreachable' (protocol unreachable). (Default: ObeyService)
- IP4PortUnreachable
- How to handle ICMPv4 error 'destination unreachable' (port unreachable). (Default: ObeyService)
- IP4FragmentationNeeded
- How to handle ICMPv4 error 'destination unreachable' (fragmentation needed and DF bit set). (Default: ObeyServiceLog)
- IP4SourceRouteUnreachable
- How to handle ICMPv4 error 'destination unreachable' (source route unreachable). (Default: ObeyService)
- IP4NetworkRouteUnreachable
- How to handle ICMPv4 error 'destination unreachable' (no route to network)'. (Default: ObeyService)
- IP4HostRouteUnreachable
- How to handle ICMPv4 error 'destination unreachable' (no route to host). (Default: ObeyService)
- IP4SourceIsolated
- How to handle ICMPv4 error 'destination unreachable' (source isolated). (Default: ObeyService)
- IP4NetworkProhibited
- How to handle ICMPv4 error 'destination unreachable' (administratively prohibited network). (Default: ObeyService)
- IP4HostProhibited
- How to handle ICMPv4 error 'destination unreachable' (administratively prohibited host). (Default: ObeyService)
- IP4NetworkTOSUnreachable
- How to handle ICMPv4 error 'destination unreachable' (destination network unreachable for type of service). (Default: ObeyService)
- IP4HostTOSUnreachable
- How to handle ICMPv4 error 'destination unreachable' (destination host unreachable for type of service)'. (Default: ObeyService)
- IP4CommunicationProhibited
- How to handle ICMPv4 error 'destination unreachable' (communication administratively prohibited). (Default: ObeyService)
- IP4PrecedenceViolation
- How to handle ICMPv4 error 'destination unreachable' (host precedence violation). (Default: DropLog)
- IP4PrecedenceCutoff
- How to handle ICMPv4 error 'destination unreachable' (precedence cutoff in effect). (Default: DropLog)
- IP4UnknownUnreachable
- How to handle ICMPv4 error 'destination unreachable' (unknown code). (Default: DropLog)
- IP4TimeExceeded
- How to handle ICMPv4 error 'time exceeded' (TTL too low). (Default: ObeyService)
- IP4FragmentExceeded
- How to handle ICMPv4 error 'time exceeded' (one or more fragments not received before timeout). (Default: ObeyService)
- IP4UnknownTimeExceeded
- How to handle ICMPv4 error 'time exceeded' (unknown code). (Default: DropLog)
- IP4ParameterProblem
- How to handle ICMPv4 error 'parameter problem' (code 'problem at pointer'). (Default: DropLog)
- IP4ParameterRequired
- How to handle ICMPv4 error 'parameter problem' (parameter required). (Default: DropLog)
- IP4ParameterBadLength
- How to handle ICMPv4 error 'parameter problem' (bad length). (Default: DropLog)
- IP4UnknownParameterProblem
- How to handle ICMPv4 error 'parameter problem' (unknown code). (Default: DropLog)
- IP4NetworkRedirect
- How to handle ICMPv4 error 'redirect' (redirect network). (Default: DropLog)
- IP4HostRedirect
- How to handle ICMPv4 error 'redirect' (redirect host). (Default: DropLog)
- IP4TypeOfServiceRedirect
- How to handle ICMPv4 error 'redirect' (type of service). (Default: DropLog)
- IP4HostAndServiceRedirect
- How to handle ICMPv4 error 'redirect' (host and type of service). (Default: DropLog)
- IP4UnknownRedirect
- How to handle ICMPv4 error 'redirect' (unknown code). (Default: DropLog)
- IP4ConversionError
- How to handle ICMPv4 error 'conversion error'. (Default: DropLog)
- IP4SourceQuench
- How to handle ICMPv4 error 'source quench'. (Default: DropLog)
- IP4AlternateHostAddress
- How to handle ICMPv4 error 'alternate host address'. (Default: DropLog)
- IP4MobileHostRedirect
- How to handle ICMPv4 error 'mobile host redirect'. (Default: DropLog)
- IP6RouteUnreachable
- How to handle ICMPv6 error 'destination unreachable' (no route to destination). (Default: ObeyService)
- IP6Rejected
- How to handle ICMPv6 error 'destination unreachable' (communication with destination administratively prohibited). (Default: ObeyService)
- IP6SourceRejected
- How to handle ICMPv6 error 'destination unreachable' (communication with destination administratively prohibited; source address
failed ingress/egress policy). (Default: ObeyService)
- IP6DestinationRejected
- How to handle ICMPv6 error 'destination unreachable' (communication with destination administratively prohibited; reject route
to destination). (Default: ObeyService)
- IP6ScopeUnreachable
- How to handle ICMPv6 error 'destination unreachable' (beyond scope of source address). (Default: ObeyService)
- IP6AddressUnreachable
- How to handle ICMPv6 error 'destination unreachable' (destination failed address resolution). (Default: ObeyService)
- IP6PortUnreachable
- How to handle ICMPv6 error 'destination unreachable' (port unreachable). (Default: ObeyService)
- IP6UnknownUnreachable
- How to handle ICMPv6 error 'destination unreachable' (unknown code). (Default: DropLog)
- IP6TimeExceeded
- How to handle ICMPv6 error 'time exceeded' (HopLimit/TTL too low). (Default: ObeyService)
- IP6FragmentExceeded
- How to handle ICMPv6 error 'time exceeded' (one or more fragments not received before timeout). (Default: ObeyService)
- IP6UnknownTimeExceeded
- How to handle ICMPv6 error 'time exceeded' (unknown code). (Default: DropLog)
- IP6ErroneousHeader
- How to handle ICMPv6 error 'parameter problem' (erroneous header field). (Default: DropLog)
- IP6NextHeaderUnrecognized
- How to handle ICMPv6 error 'parameter problem' (unrecognized next header type). (Default: DropLog)
- IP6OptionUnrecognized
- How to handle ICMPv6 error 'parameter problem' (unrecognized IPv6 option type). (Default: DropLog)
- IP6UnknownParameterProblem
- How to handle ICMPv6 error 'parameter problem' (unknown code). (Default: DropLog)
- IP6PacketTooBig
- How to handle ICMPv6 error 'packet too big'. (Default: AlwaysAllowLog)
- IP6UnknownPacketTooBig
- How to handle ICMPv6 error 'packet too big' (unknown code). (Default: DropLog)
- IP6UnknownError
- How to handle unknown ICMPv6 errors. (Default: DropLog)
![[Note]](images/note.png) |
Note |
| This object type does not have an identifier and is identified by the name of the type only. There can only be one instance
of this type.
|
cOS Stream 4.00.05 CLI Reference Guide
