HP TippingPoint Next Generation Firewall manual Example

Example

NGFW{running-firewall-rule-myrule1}action "Permit + Notify + Trace"

NGFW{running-firewall-rule-myrule1}application-group

Apply application group.

Syntax

application-group APPGROUPNAME application-group ANONYMOUS CRITERIASTRING

Example

NGFW{running-firewall-rule-myrule1}application-group facebook NGFW{running-firewall-rule-myrule1}application-group ANONYMOUS

NGFW{running-firewall-rule-myrule1}delete

Delete file or configuration item.

Syntax

delete application-group delete comment

delete profile

delete schedule (include allSCHEDULENAME) delete schedule (exclude allSCHEDULENAME) delete services include (service allSERVICENAME) delete services include (protocol allPROTONUM) delete services include port all

delete services include tcp (allPORT) [to PORT] delete services include udp (allPORT) [to PORT]

delete services include (icmp all(CODENAME)(TYPE [CODE])) delete services include (icmpv6 all(CODENAME6)(TYPE6 [CODE6])) delete services exclude (service allSERVICENAME)

delete services exclude (protocol allPROTONUM) delete services exclude port all

delete services exclude tcp (allPORT) [to PORT] delete services exclude udp (allPORT) [to PORT]

delete services exclude (icmp all(CODENAME)(TYPE [CODE])) delete services exclude (icmpv6 all(CODENAME6)(TYPE6 [CODE6])) delete src-address include group (allSADDRESSGROUP)

delete src-address include (ipaddress allA.B.C.D/MX:X::X:X/M) delete src-address include range (allA.B.C.DX:X::X:X) delete src-address include ((any4)(any6))

delete src-address exclude group (allSADDRESSGROUP)

delete src-address exclude (ipaddress allA.B.C.D/MX:X::X:X/M) delete src-address exclude range (allA.B.C.DX:X::X:X) delete src-address exclude ((any4)(any6))

delete dst-address include group (allDADDRESSGROUP)

delete dst-address include (ipaddress allA.B.C.D/MX:X::X:X/M) delete dst-address include range (allA.B.C.DX:X::X:X) delete dst-address include ((any4)(any6))

delete dst-address exclude group (allDADDRESSGROUP)

delete dst-address exclude (ipaddress allA.B.C.D/MX:X::X:X/M) delete dst-address exclude range (allA.B.C.DX:X::X:X) delete dst-address exclude ((any4)(any6))

delete src-zone (include allZONENAME) delete src-zone (exclude allZONENAME) delete dst-zone (include allZONENAME)

144 Edit Running Configuration Commands