Chapter 16 Firewall
Table 67 firewall
COMMAND | DESCRIPTION |
[no] to {zone_objectZyWALL} | Sets the zone to which the packets are sent. The no |
| command removes the zone to which the packets are sent |
| and resets it to the default (any). any means all interfaces |
| or VPN tunnels. |
|
|
[no] user user_name | Sets a |
| when the specified user logs into the system. The no |
| command resets the user name to the default (any). any |
| means all users. |
|
|
16.2.2 Firewall Command Examples
These are IPv4 firewall configuration examples. The IPv6 firewall commands are similar.
The following example shows you how to add an IPv4 firewall rule to allow a MyService connection from the WAN zone to the IP addresses Dest_1 in the LAN zone.
•Enter configuration command mode.
•Create an IP address object.
•Create a service object.
•Enter the firewall
•Set the direction of travel of packets to which the rule applies.
•Set the destination IP address(es).
•Set the service to which this rule applies.
•Set the action the ZyWALL is to take on packets which match this rule.
Router# configure terminal
Router(config)#
Router(config)#
Router(config)# firewall insert 3
Router(firewall)# from WAN
Router(firewall)# to LAN
Router(firewall)# destinationip Dest_1
Router(firewall)# service MyService
Router(firewall)# action allow
The following command displays the default IPv4 firewall rule that applies to the WAN to ZyWALL packet direction. The firewall rule number is in the rule’s priority number in the global rule list.
Router(config)# show firewall WAN ZyWALL firewall rule: 13
description:
user: any, schedule: none
from: WAN, to: ZyWALL
source IP: any, source port: any
destination IP: any, service: Default_Allow_WAN_To_ZyWALL
log: no, action: allow, status: yes
connection match: no
138 |
|
ZyWALL (ZLD) CLI Reference Guide | |
|
|