Chapter 10 Configuration Commands
The following table describes the fields displayed using the config display set command in the example above.
Table 29 config display set
LABEL | DESCRIPTION |
ACL set number | Shows the index number of this set and the interfaces it applies |
| to. See |
ACL set name | Shows the name of this set. |
ACL set number of rules | Shows the number of rules in this set. |
ACL set default action | Shows the default action when a packet matches a rule in the |
| set. The options are: permitdropreject. |
ACL pnc enable | Shows whether the pnc service is enabled. This service is |
| currently not available. |
ACL log enable | Shows whether the log is enabled or not. |
ACL logone enable | Shows whether logone is enabled or not. This function is |
| currently not available. |
ICMP idle timeout(s) | Shows the timeout for an idle ICMP session before it is |
| terminated. |
UDP idle timeout(s) | Shows the timeout for an idle UDP session before it is |
| terminated. |
TCP connection timeout(s) | Shows the connection timeout for traffic to which a rule in the |
| set applies. |
TCP | Shows the wait time for FIN when concluding a TCP session |
| before it is terminated. |
TCP idle timeout(s) | Shows the timeout for an idle TCP session before it is |
| terminated. |
The following table describes the fields displayed using the config display set
<index> rule command in the example above, as well as other related fields that may appear when configuring a rule using this command.
Table 30 config display set <index> rule <rule#>
LABEL | DESCRIPTION |
ACL rule number | Shows the index number of this rule. |
ACL rule active | Shows whether this rule is active or not. |
ACL rule action | Shows the action taken when a packet matches a rule. The |
| options are: permitdropreject. |
ACL rule protocol | Shows the protocol number this rule applies to. They range |
| from 0~255. For example, 1=ICMP, 6=TCP, 17=UDP, see |
| RFC791. |
|
|
ACL rule log | Shows whether the logging of packets matching the rule is |
| enabled or not. |
ACL rule alert | Shows whether or not an alert is sent when a packet matches |
| the rule. |
Source Single IP address | Shows the source IP address of packets to which the rule |
| applies. |
Source IP address, | Shows the source IP address and subnet mask of packets to |
subnet mask | which the rule applies. |
78 |
| |
ZyWALL (ZyNOS) CLI Reference Guide |
| |
|
|
|