S7
Settings
| Max no. of pending requests | Maximum number of requests without responses in a single session. This value has to be between 1 and 512 seconds (default value: 10). |
| Maximum request duration (in seconds) | This value is the period after which requests without responses will be deleted. This value has to be between 1 and 3600 seconds (default value: 10). |
| Maximum message size (bytes) | This value makes it possible to restrict the size allowed for a message. It has to be between 11 and 3837 (default value: 960). |
Managing function codes
Predefined operations
This table lists the codes and associated S7 operations that have been predefined on the firewall. These codes are classified by operation set: JOB and USERDATA (from different groups).
Predefined S7 operations are allowed by default (Allow action). The buttons Block by operation set, Allow by operation set and Modify all operations make it possible to modify the action (Allow/Block) applied to the selected operations set or to all S7 operations listed in the table.
Other operations
Other blocked JOBS
This list makes it possible to prohibit additional S7 function codes or code ranges belonging to the JOB operation set. It is possible to Add or Delete elements to or from this list by clicking on the relevant buttons.
Other blocked USERDATA groups
This list makes it possible to prohibit whole sets or ranges of whole sets of USERDATA operations. It is possible to Add or Delete elements to or from this list by clicking on the relevant buttons.
Support
| Disable intrusion prevention | When this option is selected, the analysis of the S7 protocol will be disabled and traffic will be allowed if the filter policy allows it. |
| Log each S7 request | Enables or disables the logging of S7 requests. |