The Firewall does not only serve to discard or accept the filtered data packets, but it can also take additional measures when a data packet has been registered by the filter. The measures here are divided into the fields “protocolling/notification” and “prevent further attacks”:
- Send a Syslog message: Sends a message via the SYSLOG module to a SYSLOG client, as defined in configuration field “Log & Trace”.
- Send an email message: Sends an email message to the administrator, using the account specified in the configuration field “Log & Trace”.
- SNMP/LANmonitor: Sends a SNMP trap, that will be analyzed e. g. by
LANmonitor.Note: Each of these three message measures leads automatically to an entry in the Firewall event table.
- Disconnect: Cuts the connection, over which the filtered packet has been
received.Note: On the occasion, the physical connection will be cut off (e. g. the Internet connection), not only the logical connection between the two involved PCs!
- Lock source address: Blocks the IP address from that the filtered packet has been received for a given time.
- Lock target port: Blocks the destination port to that the filtered packet has been sent for a given time.