The firewall is not only used to drop or accept filtered data packets. It can also take further measures once a data packet has been inspected by the filter. The measures are divided into two functions: “Logging/Notification” and “Prevention of further attacks”:
- Send SYSLOG message: Sends a message via the SYSLOG module to a SYSLOG client specified in the “Log & Trace” configuration section.
- Send e-mail message: Sends an e-mail message to the administrator specified in the “Log & Trace” configuration section.
- Send SNMP: Sends an SNMP trap for processing by LANmonitor, for example.Note: Each of these three messaging actions automatically results in an entry in the firewall event log.
- Disconnect: Cuts the connection from which the filtered packet was received.Important: This cuts the physical connection, i.e. the Internet connection, and not just the logical connection between the two computers!
- Lock source address: Blocks the IP address where the filtered packet was received from, for an adjustable time.
- Lock target port: Blocks the destination port to which the filtered packet was sent, for an adjustable time.
