ZyXEL Communications 3.1 20.2.6 General Commands for Application Patrol, 20.2.5.1 Other Rule Sub-commands

Chapter 20 Application Patrol

20.2.5.1 Other Rule Sub-commands

The following table describes the sub-commands for several application patrol other rule commands. Note that not all rule commands use all the sub-commands listed here.

Table 89 app patrol other rule Sub-commands

COMMAND	DESCRIPTION
[no] activate	Turns on this rule. The no command turns off this rule.
[no] port <0..65535>	Specifies the destination port. 0 means any.
[no] schedule profile_name	Adds the specified schedule to the rule.
[no] user username	Adds the specified user to the rule.
[no] from zone_name	Specifies the source zone.
[no] to zone_name	Specifies the destination zone.
[no] source profile_name	Adds the specified source address to the rule.
[no] destination profile_name	Adds the specified destination address to the rule.
[no] protocol {tcp udp}	Adds the specified protocol to the rule.
access {forward drop reject}	Specifies the action when traffic matches the rule.
[no] action-block	Blocks use of a specific feature.
{loginmessageaudiovideofile-transfer}
bandwidth {inboundoutbound} <0..1048576>	Limits inbound or outbound bandwidth, in kilobits per second. 0
	disables bandwidth management for traffic matching this rule.

[no] bandwidth excess-usage	Enables maximize bandwidth usage to let the traffic matching this
	policy “borrow” any unused bandwidth on the out-going interface.

bandwidth priority <1..7>	Set the priority for traffic that matches this rule. The smaller the
	number, the higher the priority.
[no] inbound-dscp-mark {<0..63> class	This is how the ZyWALL handles the DSCP value of the outgoing
{default dscp_class}}	packets to a connection’s initiator that match this policy.
	Enter a DSCP value to have the ZyWALL apply that DSCP value.
	Set this to the class default to have the ZyWALL set the DSCP
	value to 0.

[no] log [alert]	Creates log entries (and alerts) for traffic that matches the rule.
	The no command does not create any log entries.
[no] outbound-dscp-mark {<0..63> class	This is how the ZyWALL handles the DSCP value of the outgoing
{default dscp_class}}	packets from a connection’s initiator that match this policy.
	Enter a DSCP value to have the ZyWALL apply that DSCP value.
	Set this to the class default to have the ZyWALL set the DSCP
	value to 0.

show	Displays the rule’s configuration

20.2.6 General Commands for Application Patrol

Note: You must register for the IDP/AppPatrol signature service (at least the trial) before you can use it. See Chapter 5 on page 45.

168
168	ZyWALL (ZLD) CLI Reference Guide