firewallGlobalConfig
firewallGlobalConfig
Global configuration applicable to all rules.
JSON Example
{
"tcpAllowOutOfWindowPackets": false,
"udpTimeout": 0,
"ipGenericTimeout": 0,
"tcpPickOngoingConnections": false,
"tcpTimeoutOpen": 0,
"tcpTimeoutClose": 0,
"icmp6Timeout": 0,
"dropIcmpReplays": false,
"logIcmpErrors": false,
"tcpSendResetForClosedVsePorts": false,
"dropInvalidTraffic": false,
"enableSynFloodProtection": false,
"icmpTimeout": 0,
"tcpTimeoutEstablished": 0,
"logInvalidTraffic": false
}
boolean
tcpAllowOutOfWindowPackets
Optional
Allow TCP out of window packets.
integer As int32
As int32
udpTimeout
Optional
Constraints:
minimum: 1
UDP timeout close.
integer As int32
As int32
ipGenericTimeout
Optional
Constraints:
minimum: 1
IP generic timeout.
boolean
tcpPickOngoingConnections
Optional
Pick TCP ongoing connections.
integer As int32
As int32
tcpTimeoutOpen
Optional
Constraints:
minimum: 1
TCP timeout open.
integer As int32
As int32
tcpTimeoutClose
Optional
Constraints:
minimum: 1
TCP timeout close.
integer As int32
As int32
icmp6Timeout
Optional
Constraints:
minimum: 1
ICMP6 timeout.
boolean
dropIcmpReplays
Optional
Drop icmp replays.
boolean
logIcmpErrors
Optional
Log icmp errors.
boolean
tcpSendResetForClosedVsePorts
Optional
Send TCP reset for closed NSX Edge ports.
boolean
dropInvalidTraffic
Optional
Drop invalid traffic.
boolean
enableSynFloodProtection
Optional
Protect against SYN flood attacks by detecting bogus TCP connections and terminating them without consuming firewall state tracking resources. Default : false
integer As int32
As int32
icmpTimeout
Optional
Constraints:
minimum: 1
ICMP timeout.
integer As int32
As int32
tcpTimeoutEstablished
Optional
Constraints:
minimum: 1
TCP timeout established.
boolean
logInvalidTraffic
Optional
Log invalid traffic.