FreshTomato Wiki

User Tools

Site Tools

Trace: advanced-firewall

Sidebar

freshtomato.org

Wiki

▸ About

▸ Releases

▸ Hardware compatibility

▸ 3G/4G/5G compatibility

▸ Feature matrix

▸ Documentation

▸ HOWTOs

▸ FAQ

Forum

AX

Download

Changelog

Development

Bug track

ARM

Download

Changelog

Development

Bug track

MIPS

Download

Changelog

Development

Bug track


TomatoAnon

✔️ Help (WikiText Syntax)

🧑‍🤝‍🧑 Credits

💰 Donations

advanced-firewall

This is an old revision of the document!

Firewall

The Firewall page allows you to set up some options to protect/facilitate certain network communications.


WAN interfaces respond to ping and traceroute - When enabled this option allows your device to respond to certain ICMP/UDP packets so that a ping and traceroute work from Internet.
Limit communication to: This number imposes a maximum number of requests per seconds. It is advised to set up a limit to prevent DDOS attacks.


Enable TCP SYN cookies - Enabling this will protect the router from SYN Flood attacks via a well known technique called SYN cookies. This technique encodes info from the SYN packet into the responce (SYN/ACK). Please note, despite being a standard technique enabling this option imposes some secondary limitation some old TCP/IP staks might not be easy to handle
Enable DCSP Fix - This enables a work-around for a well-known issue related SCP (packet marking) when connected to the ISP Comcast
IPv6 IPSec Passthrough - FIXME

advanced-firewall.1642531494.txt.gz · Last modified: 2022/01/18 18:44 by rs232

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki