ZyXEL Communications 10~100 Series 64

ZyWALL 10~100 Series Internet Security Gateway

Chart 10-1 Firewall Commands

FUNCTION

COMMAND

DESCRIPTION

Config edit firewall set <set #> rule <rule #> alert <yes no>

config edit firewall set <set #> rule <rule #> srcaddr-single <ip address>

config edit firewall set <set #> rule <rule #> srcaddr-subnet <ip address> <subnet mask>

config edit firewall set <set #> rule <rule #> srcaddr-range <start ip address> <end ip address>

config edit firewall set <set #> rule <rule #> destaddr- single <ip address>

config edit firewall set <set #> rule <rule #> destaddr- subnet <ip address> <subnet mask>

config edit firewall set <set #> rule <rule #> destaddr-range <start ip address> <end ip address>

This command sets whether or not the ZyWALL sends an alert e-mail when a DOS attack or a violation of a particular rule occurs.

This command sets the rule to have the ZyWALL check for traffic with this individual source address.

This command sets a rule to have the ZyWALL check for traffic from a particular subnet (defined by IP address and subnet mask).

This command sets a rule to have the ZyWALL check for traffic from this range of addresses.

This command sets the rule to have the ZyWALL check for traffic with this individual destination address.

This command sets a rule to have the ZyWALL check for traffic with a particular subnet destination (defined by IP address and subnet mask).

This command sets a rule to have the ZyWALL check for traffic going to this range of addresses.

10-6	Firewall Commands

Contents

Internet Security Gateway Copyright Copyright © 2003 by ZyXEL Communications Corporation Disclaimer Trademarks Notice Certifications Information for Canadian Users Caution Note ZyXEL Limited Warranty NOTE Customer Support Table of Contents Page List of Diagrams List of Charts Page Preface About Your ZyWALL About This User's Manual Related Documentation Syntax Conventions Page Page Page Setting up Your Computer’s IP Address Windows 95/98/Me Page Page Windows 2000/NT/XP Page Page Page Macintosh OS 8/9 Page Macintosh OS Page Page Triangle Route The Ideal Setup The “Triangle Route” Problem The “Triangle Route” Solutions IP Aliasing Gateways on the WAN Side Page The Big Picture Page Wireless LAN and IEEE Benefits of a Wireless LAN Ad-hocWireless LAN Configuration Infrastructure Wireless LAN Configuration Page Wireless LAN With IEEE Security Flaws with IEEE Deployment Issues with IEEE Advantages of the IEEE Page PPPoE PPPoE in Action Benefits of PPPoE Traditional Dial-upScenario How PPPoE Works ZyWALL as a PPPoE Client PPTP What is PPTP How can we transport PPP frames from a PC to a broadband modem over Ethernet PPTP and the ZyWALL PPTP Protocol Overview Control & PPP connections PPP Data Connection Page IP Subnetting IP Addressing IP Classes Subnet Masks Subnetting Example: Two Subnets Page Example: Four Subnets Example Eight Subnets Subnetting With Class A and Class B Networks Page Page Page Command Interpreter Command Syntax Command Usage Page Firewall Commands Page Page Page Page Page Page Page NetBIOS Filter Commands Introduction Display NetBIOS Filter Settings Page NetBIOS Filter Configuration Page Boot Commands Page Log Descriptions Page Page Page Page Page Page Page Page Page VPN/IPSec logs VPN Responder IPSec Log Page Page Page Page Log Commands Log Command Example Brute-ForcePassword Guessing Protection Page Page Page Index