Differences

This shows you the differences between two versions of the page.

--- advanced-firewall [2023/05/28 04:34] – [Multicast] -condense, clarify IGMP Snooping hogwild
+++ advanced-firewall [2023/05/28 04:37] – [Firewall] -condense hogwild
@@ Line 8: / Line 8: @@
 {{:pasted:20220118-182859.png}} \\
- \\  \\ **WAN interfaces respond to ping and traceroute:  **If enabled, this allows your device to reply to ICMP ping and traceroute request packets from Internet hosts. This is necessary for //ping //and //traceroute to //work from the Internet.
+ \\ **WAN interfaces respond to ping and traceroute:  **If enabled, this allows your device to reply to ICMP ping and traceroute request packets from Internet hosts. This is necessary for //ping //and //traceroute to //work from the Internet.
 **Limit communication to:  **This specifies the maximum number of requests per second to which the Firewall will reply. Setting a limit number is recommended to prevent DDoS attacks.\\   \\   \\ {{:pasted:20220118-183317.png}}\\
- \\  \\ **Enable TCP SYN cookies:  **Enabling this protects the router from SYN Flood attacks via the "SYN cookies" technique. This function encodes information from the SYN packet into the (SYN/ACK) response. This is a standard method for preventing SYN floods. However, it has certain limitations which may cause issues with some old TCP/IP stacks.
+ \\
+**Enable TCP SYN cookies:  **Enabling this uses the "SYN cookies" technique to protect the router from SYN Flood attacks. This function encodes information from the SYN packet into the (SYN/ACK) response. This is a standard method for preventing SYN floods. However, it has certain limitations which may cause issues with some old TCP/IP stacks.
 **Enable DCSP Fix:  **Checking this enables a workaround for packet marking, a well-known issue related to DSCP when connected to Comcast.

FreshTomato Wiki

User Tools

Site Tools

Differences

Page Tools