ZyWALL 5/35/70 Series User’s Guide
Table 271 Firewall Commands (continued)
FUNCTION | COMMAND | DESCRIPTION |
|
|
|
| Config edit firewall set <set | This command sets how long ZyWALL lets an |
| #> | inactive TCP connection remain open before |
|
| considering it closed. |
|
|
|
|
|
|
| Config edit firewall set <set | This command sets whether or not the |
| #> log <yes no> | ZyWALL creates logs for packets that match |
|
| the firewall’s default rule set. |
|
|
|
Rules | Config edit firewall set <set | This command sets whether packets that |
| #> rule <rule #> permit | match this rule are dropped or allowed |
| <forward block> | through. |
|
|
|
| Config edit firewall set <set | This command sets whether a rule is enabled |
| #> rule <rule #> active <yes | or not. |
| no> |
|
|
|
|
| Config edit firewall set <set | This command sets the protocol specification |
| #> rule <rule #> protocol | number made in this rule for ICMP. |
| <integer protocol value > |
|
|
|
|
| Config edit firewall set <set | This command sets the ZyWALL to log traffic |
| #> rule <rule #> log <none | that matches the rule, doesn't match, both or |
| match | neither. |
|
|
|
| Config edit firewall set <set | This command sets whether or not the |
| #> rule <rule #> alert <yes | ZyWALL sends an alert |
| no> | attack or a violation of a particular rule occurs. |
|
|
|
| config edit firewall set <set | This command sets the rule to have the |
| #> rule <rule #> srcaddr- | ZyWALL check for traffic with this individual |
| single <ip address> | source address. |
|
|
|
| config edit firewall set <set | This command sets a rule to have the |
| #> rule <rule #> srcaddr- | ZyWALL check for traffic from a particular |
| subnet <ip address> <subnet | subnet (defined by IP address and subnet |
| mask> | mask). |
|
| |
|
|
|
| config edit firewall set <set | This command sets a rule to have the |
| #> rule <rule #> | ZyWALL check for traffic from this range of |
| <start ip address> <end ip | addresses. |
| address> |
|
|
|
|
| config edit firewall set <set | This command sets the rule to have the |
| #> rule <rule #> destaddr- | ZyWALL check for traffic with this individual |
| single <ip address> | destination address. |
755 | Appendix N Firewall Commands |