Patton electronic 3231 manual ﬁrewall add portﬁlter, Add a port ﬁlter to a ﬁrewall policy

Page 40

Model 3231 CLI Reference Guide	5 • Firewall Commands

ﬁrewall add portﬁlter

Add a port ﬁlter to a ﬁrewall policy.

	Note Begin each top-level command in the table below with
		firewall add portfilter <name> <policyname>.
			Table 24. ﬁrewall add portﬁlter <name> <policyname>

Command					Explanation

ftp	both				Allow inbound/outbound transport of FTP pack-
					ets between inside and outside interfaces.

	inbound				Allow transport of FTP packets from an outside
					interface to an inside interface. Outbound trans-
					port is not allowed..

	outbound				Allow transport of FTP packets from an inside
					interface to an outside interface. Inbound trans-
					port is not allowed.

http	both				Allow inbound/outbound transport of HTTP pack-
					ets between inside and outside interfaces.

	inbound				Allow transport of HTTP packets from an outside
					interface to an inside interface. Outbound trans-
					port is not allowed.

	outbound				Allow transport of HTTP packets from an inside
					interface to an outside interface. Inbound trans-
					port is not allowed.

icmp	both				Allow inbound/outbound transport of ICMP
					packets between inside and outside interfaces

	inbound				Allow transport of ICMP packets from an outside
					interface to an inside interface. Outbound trans-
					port is not allowed.

	outbound				Allow transport of ICMP packets from an inside
					interface to an outside interface. Inbound trans-
					port is not allowed.

protocol	<number>		both		Allow inbound/outbound transport of packets of
					the speciﬁed protocol number between inside
					and outside interfaces.

			inbound		Allow transport of packets of the speciﬁed proto-
					col number from an outside interface to an inside
					interface. Outbound transport is not allowed.

			outbound		Allow transport of packets of the speciﬁed proto-
					col number from an inside interface to an outside
					interface. Inbound transport is not allowed.

firewall add portfilter

40

Image 40

Contents LCD Patton Electronics, Inc Trademark Statement Summary Table of Contents Table of Contents Firewall Commands Help Commands Port Commands Source Commands User Commands This guide is intended for administrators and operators About this guideAudience StructureUsing the CLI Connect a PC and logTypographical conventions used in this document PrecautionsGeneral conventions Alarm Commands Chapter contentsAlarm all alarmStatus Set the alarm state for all alarmsAlarm all alarmStatus clear Alarm all alarmStatus resetAlarm set index alarmSeverity Set the index for the severity level of an alarmCritical/Major = The most severe alarms Alarm set index alarm SeveritySet the index for the status level of an alarm Alarm set index alarmStatusAlarm set index alarm Status Show alarm status Alarm showExample Output alarm show Bridge Commands Bridge add interface Add a named interface to the bridgeBridge attach Attach existing transport to existing bridge interfaceBridge clear interfaces Remove all bridge interfacesBridge delete interface Remove speciﬁc bridge interfaceBridge detach Detach a transport from a bridge interfaceList bridge interfaces Bridge list interfacesExample Output bridge list interfaces Bridge set Conﬁgure bridge attributesDisplay bridge/interface settings Bridge showExample Output bridge show Example Output bridge show interface br1CPE Conﬁg Commands Cpeconﬁg action get Cpeconﬁg actionCpeconﬁg action set Cpeconﬁg set Cpeconﬁg show Example Output cpeconﬁg showEthernet Commands Ethernet add transport Create ethernet transportEthernet clear transports Remove all ethernet transportsEthernet delete transport Remove single ethernet transportEthernet list List ethernet ports and transportsExample Output ethernet list ports Example Output ethernet list transportsEthernet set transport Set port of an existing ethernet transportEthernet set transport name ethernetport port Ethernet set transport name port port Display existing ethernet transport Ethernet show transport Example Output ethernet show transport eth1 Firewall Commands ﬁrewall add policy Add a ﬁrewall policyAdd a port ﬁlter to a ﬁrewall policy ﬁrewall add portﬁlterFirewall add portfilter name policyname Smtp Both Tcp Startport Endport BothTelnet Both Udp Startport Endport BothAdd a validator to a ﬁrewall policy ﬁrewall add validatorFirewall add validator name policyname ﬁrewall clear policies ﬁrewall clearﬁrewall clear portﬁlters policyname ﬁrewall delete ﬁrewall delete policy nameﬁrewall delete portﬁlter name policyname ﬁrewall delete validator name policynameﬁrewall disable Disable ﬁrewall featuresﬁrewall enable Enable ﬁrewall featuresShow information about speciﬁc ﬁrewall features ﬁrewall listExample Output ﬁrewall list policies Example Output ﬁrewall list portﬁlters pexinExample Output ﬁrewall list protocol Example Output ﬁrewall list validators pdmzinﬁrewall set IDS ﬁrewall set securitylevel Set the desired level of security for the ﬁrewallﬁrewall set validator Conﬁgure the settings for a validatorFirewall set validator name policyname Display information about a ﬁrewall setting ﬁrewall showExample Output ﬁrewall show IDS Example Output ﬁrewall show IDS blacklistExample Output ﬁrewall show portﬁlter heihttp pexin Example Output ﬁrewall show validator item0 pdmzinﬁrewall status Example Output ﬁrewall statusShdsl Commands Gshdsl set BERMeterMode Conﬁgure patetrn generationGshdsl set BERMeterMode Gshdsl set BERMeterMode 511EConﬁgure clock mode Gshdsl set ClockingConﬁgure the EthLinkKill feature Gshdsl set EthLinkKill disableGshdsl set EthLinkKill enable Gshdsl set EthLinkKillConﬁgure the line probe feature Gshdsl set LineProbe disableGshdsl set LineProbe enable Gshdsl set LineProbeGshdsl set action Save or shut down DSL conﬁgurationsGshdsl set action deactivate Gshdsl set action startGshdsl set clockingcombination Set I-bit of data rate Gshdsl set datarateIGshdsl set datarateI newvalue Gshdsl set dslrateTS Set data rateGshdsl set errMonIntervalCnt Set the number of allowable errors per interval Gshdsl set errMonIntervalThresholdGshdsl set errMonIntervalTime Set the length in seconds of the current intervalGshdsl set errMonStartupDelay Gshdsl set errMonTotalIntervals Gshdsl set errMonTotalIntervals newvalueGshdsl set gshannex Set the annex for the dsl portGshdsl set gshannex AnnexA Gshdsl set gshannex AnnexBGshdsl set interface Set the interface for the dsl portGshdsl set interface atm Gshdsl set interface hdlcGshdsl set terminal Set the unit as a CO or a CPEGshdsl set terminal central Gshdsl set terminal remoteGshdsl seta Modify an attribute for G.SHDSLGshdsl show Display an atttribute for G.SHDSLExample Output gshdsl show Gshdsl showGshdsl showTestMode Display test mode informationExample Output gshdsl showTestMode Gshdsl showc Display error countersExample Output gshdsl showc Help Commands Display help menu HelpHelp IP Commands Ip add defaultrouteIp add defaultroute Conﬁgure default IP routesIp add defaultroute gateway gatewayip Ip add defaultroute interface interfaceIp add interface Add an IP interfaceIp add route Add an IP routeIp add route name destip netmask Gateway gatewayipIp attach Add a transport to an IP interfaceIp attachbridge Attach a bridge to the routerCreate a virtual interface Ip attachvirtualIp attachvirtual name realinterface Ip clear Clear attributes from an IP interfaceIp delete Delete an IP interface or routeIp delete interface name Ip delete route nameIp detach Detach a transport from an IP interfaceConﬁgure an IP interface Ip interfaceIp interface name Example Output ip interface ip1 list proxyarpentries Example Output ip interface ip1 list secondaryipaddressesIp list Display information for an IP addressExample Output ip list arpentries Example Output ip list connectionsExample Output ip list riproutes Example Output ip list interfacesExample Output ip list routes Ip ping Ping an IP addressIp set interface Conﬁgure speciﬁc settings for an IP interfaceIp set interface name Conﬁgure RIP settings for an IP interface Ip set ripIp set route Conﬁgure settings for an IP routeIp set route name Display information for an IP interface Ip showExample Output ip show debuginfo Example Output ip show route default Example Output ip show interface ip1Ip traceroute Start or stop a trace route processIp traceroute start Ip traceroute start nameLogger Commands Logger set Conﬁgure syslogLogger show Display syslog informationExample Output logger show Logger showPort Commands Port ethernet Conﬁgure the Ethernet portPort list Example Output port list allExample Output port list atm Example Output port list ethernetPPP Commands Ppp add transport Add a PPP over Hdlc PPPoH transportRemove all PPPoH transports Ppp clear transportsPpp clear transports Ppp delete transport Remove a single PPPoH transportList existing PPPoH transports Ppp list transportsExample Output ppp list transports Conﬁgure properties for a PPPoH transport Ppp set transportPpp set transport name Speciﬁcroute Disabled Theylogin ChapWelogin Auto LcpmaxfailDisplay properties for a speciﬁc PPPoH transport Ppp show transportExample Output ppp show transport ppp1 PPPoA Commands Add a PPP over ATM PPPoA transport Pppoa add transportPppoa add transport name Pppoa clear transports Remove all PPPoA transportsPppoa delete Remove a single PPPoA transportList existing PPPoA transports Pppoa list transportsExample Output pppoa list transports Conﬁgure properties for a PPPoA transport Pppoa set transportPppoa set transport name Port Control Protocol echo request frame at speciﬁedIntervals in seconds Provide the server-end of a connectionQosclass Abr CbrQfc Ubr121 Display properties for a speciﬁc PPPoA transport Pppoa show transportExample Output pppoa show transport ppp1 PPPoE Commands Add a PPP over Ethernet PPPoE transport Pppoe add transportPppoe add transport name dialout Pppoe clear transports Remove all PPPoE transportsPppoe delete transport Remove a single PPPoE transportList existing PPPoE transports Pppoe list transportsExample Output pppoe list transports Conﬁgure properties for a PPPoE transport Pppoe set transportPppoe set transport name Eth Port MbsPvc Portvpivci Create a default route to the subnet Pppoe show transport Display properties for a speciﬁc PPPoE transportRFC1483 Commands Create a new transport Rfc1483 add transportRfc1483 add transport name Rfc1483 clear transports Remove all RFC1483 transportsRfc1483 delete transport Remove a single RFC1483 transportRfc1483 list transports List existing RFC1483 transportsExample Output rfc1483 list transports Rfc1483 list transportsRfc1483 set transport Conﬁgure properties for an RFC1483 transportRfc1483 set transport name Rfc1483 set transportDisplay properties for a speciﬁc RFC1483 transport Rfc1483 show transportExample Output rfc1483 show transport rfc1 Security Commands Security add Add security interfaces and triggersSecurity clear Clear interfaces and triggersSecurity clear interfaces Security clear triggersSecurity delete Delete a speciﬁed interface or triggerSecurity delete interface name Security delete trigger nameSecurity disable Disable security featuresSecurity enable Enable security featuresSecurity list List interfaces and triggersExample Output security list interfaces Example Output security list triggersConﬁgure settings for security triggers Security set triggerSecurity show Display information about a speciﬁc interface or triggerExample Output security show interface ip1 Example Output security show trigger t2h323Display information about all security features Security statusExample Output security status Security statusSnmp Commands Snmp add Add community and trap entriesSnmp delete Delete community and trap entriesSnmp delete community IndexSnmp save Save conﬁgurationConﬁgure Snmp properties Snmp setSnmp set Snmp show Display information for an Snmp conﬁgurationExample Output snmp show Snmp showSource Commands Read a ﬁle of commands Source ﬁlenameSystem Commands System add login Name System addAdd a user to the system CommentSystem conﬁg Manage the system conﬁgurationSystem cpu Example Output system cpu npOverThresholdExample Output system cpu npThreshold get Example Output system cpu npUsageExample Output system cpu ppThreshold get Example Output system cpu ppUsageSystem delete login name System deleteRemove system users System delete user nameSystem ifTable reset Reset packet countersDisplay hardware/software information System infoExample Output system info Show copyright information System legalExample Output system legal Example Output system list errors Example Output system list loginsSystem list List system informationExample Output system list users Set system logging options System logExample Output system log list Example Output system log list op System restart Set user privileges System setSystem set Example Output system show ﬁrmware update protection System showDisplay system information Example Output system show aticmemTransport Commands Transports clear Clear all transportsTransports delete Delete a speciﬁc transportList all transports Transports listExample Output transports list Display information about a speciﬁc transport Transports showExample Output transports show eth1 User Commands Switch users User changeUser logout Log out from the systemUser password Change a user’s passwordWebserver Commands Webserver clear Clear Web Server statisticsWebserver disable Disable the Web Server processWebserver enable Enable the Web Server processLoad derived archive for static content Webserver loadWebserver set Webserver setWebserver show Display information about the Web ServerExample Output webserver show info Example Output webserver show stats

Related manuals

Manual 58 pages 54.63 Kb