Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide 317
53-1001931-01
Global Configuration commands 5
Parameters
Example
RFController(config)#firewall clamp
RFController(config)#
enable Enables the firewall for this controller.
802.2.-encapsulation
permit
Sets 802.2 packet encapsulation.
permit – Allow 802.2 packet encapsulations which can
bypass the firewall. Enabling this option is not
recommended by Brocade
clamp [path-mtu|
tcp-mss]
Configures wireless firewall
clamp [path-mtu|tcp-mss] – Displays clamp value
path-mtu – Displays limit discovered path-mtu
tcp-mss – Displays limit TCP to inner path-mtu
flow timeout
[icmp|other|tcp|udp]
Configures firewall flow of packets.
timeout [icmp|other|udp] <1-32400> – Sets the timeout
value for type ICMP, UDP, and Other to a value between 1
and 32400 seconds
timeout tcp [close-wait|established|reset|setup]
<10-32400> – Sets the timeout value for TCP packet types
to a value between 1 and 32400 seconds
close-wait – Configures the Closed TCP Flow timeout
value
established – Configures the Established TCP Flow
timeout value
reset – Configures the Reset TCP Flow timeout value
setup – Configures the Opening TCP Flow timeout value
virtual-defrag [enable|
max-defrag-per-host|
max-frags-per-dgram|
min-1st-frag-length]
Configures IPv4 virtual defragmentation.
enable – enables IPv4 virtual defragmentation. Brocade
recommends that this option be enabled
max-defrag-per-host <1-32> – Sets the maximum active
defragmentation per host to a value between 1 and 32
max-frags-per-dgram <2-8129> – Sets the maximum
allowed fragmentation per datagram to a value between 2
and 8129
min-1st-frag-len < <8-1500> – Sets the minimum
fragmentation length for the 1st fragment to a value between
8 and 1500
vlan-stacking permit Configures 802.1q VLAN stacking.
permit – Permits 802.1q VLAN stacking that can bypass the
firewall. Brocade does not recommend the use of this option