Chapter 16 Firewall

Table 66 Command Summary: Firewall (continued)

COMMAND
    DESCRIPTION

firewall zone_object {zone_object|ZyWALL} delete <1..5000>
    Removes a direction specific through-ZyWALL rule or to-ZyWALL rule.
    <1..5000>: the index number in a direction specific firewall rule list.

firewall zone_object {zone_object|ZyWALL} flush
    Removes all direction specific through-ZyWALL rules or to-ZyWALL rules.

firewall zone_object {zone_object|ZyWALL} insert rule_number
    Enters the firewall sub-command mode to add a direction specific through-ZyWALL rule or to-ZyWALL rule before the specified rule number. See Table 67 on page 137 for the sub-commands.

firewall zone_object {zone_object|ZyWALL} move rule_number to rule_number
    Moves a direction specific through-ZyWALL rule or to-ZyWALL rule to the number that you specified.

[no] firewall activate
    Enables the firewall on the ZyWALL. The no command disables the firewall.

firewall append
    Enters the firewall sub-command mode to add a global firewall rule to the end of the global rule list. See Table 67 on page 137 for the sub-commands.

firewall default-rule action {allow|deny|reject} {no log|log [alert]}
    Sets how the firewall handles packets that do not match any other firewall rule.

firewall delete rule_number
    Removes a firewall rule.

firewall flush
    Removes all firewall rules.

firewall insert rule_number
    Enters the firewall sub-command mode to add a firewall rule before the specified rule number. See Table 67 on page 137 for the sub-commands.

firewall move rule_number to rule_number
    Moves a firewall rule to the number that you specified.

show connlimit max-per-host
    Displays the highest number of sessions that the ZyWALL will permit a host to have at one time.

show firewall
    Displays all firewall settings.

show firewall rule_number
    Displays a firewall rule’s settings.

show firewall zone_object {zone_object|ZyWALL}
    Displays all firewall rule settings for the specified packet direction.

show firewall zone_object {zone_object|ZyWALL} rule_number
    Displays a specified firewall rule’s settings for the specified packet direction.

show firewall status
    Displays whether or not the firewall is active, whether or not asymmetrical route topology is allowed, and the default firewall rule’s configuration.

show firewall block_rules
    Displays all the firewall rules that deny access.

show firewall any ZyWALL
    Shows all the to-ZyWALL firewall rules.

[no] connlimit6 max-per-host <1..8192>
    Sets the highest number of IPv6 sessions that the ZyWALL will permit a host to have at one time. The no command removes the setting.

firewall6 rule_number
    Enters the IPv6 firewall sub-command mode to set a firewall rule. See Table 67 on page 137 for the sub-commands.

firewall6 zone_object {zone_object|ZyWALL} rule_number
    Enters the IPv6 firewall sub-command mode to set a direction specific through-ZyWALL rule or to-ZyWALL rule. See Table 67 on page 137 for the sub-commands.


ZyWALL (ZLD) CLI Reference Guide