ZyWALL 2 User’s Guide

Chart L-1 Firewall Commands

COMMAND:     Config edit firewall set <set #> default-permit <forward | block>
DESCRIPTION: This command sets whether a packet is dropped or allowed through, when it does not meet a rule within the set.

COMMAND:     Config edit firewall set <set #> icmp-timeout <seconds>
DESCRIPTION: This command sets the time period to allow an ICMP session to wait for the ICMP response.

COMMAND:     Config edit firewall set <set #> udp-idle-timeout <seconds>
DESCRIPTION: This command sets how long a UDP connection is allowed to remain inactive before the ZyWALL considers the connection closed.

COMMAND:     Config edit firewall set <set #> connection-timeout <seconds>
DESCRIPTION: This command sets how long ZyWALL waits for a TCP session to be established before dropping the session.

COMMAND:     Config edit firewall set <set #> fin-wait-timeout <seconds>
DESCRIPTION: This command sets how long the ZyWALL leaves a TCP session open after the firewall detects a FIN exchange (indicating the end of the TCP session).

COMMAND:     Config edit firewall set <set #> tcp-idle-timeout <seconds>
DESCRIPTION: This command sets how long ZyWALL lets an inactive TCP connection remain open before considering it closed.

COMMAND:     Config edit firewall set <set #> log <yes | no>
DESCRIPTION: This command sets whether or not the ZyWALL creates logs for packets that match the firewall’s default rule set.

FUNCTION:    Rules
COMMAND:     Config edit firewall set <set #> rule <rule #> permit <forward | block>
DESCRIPTION: This command sets whether packets that match this rule are dropped or allowed through.

COMMAND:     Config edit firewall set <set #> rule <rule #> active <yes | no>
DESCRIPTION: This command sets whether a rule is enabled or not.
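The following Python script is an added example, not part of the User's Guide or of ZyXEL's software. It checks a saved list of these commands against the syntax in the chart and reports the settings that weaken the policy: a default action of forward, logging turned off, and disabled rules. The set and rule numbers and the timeout value in the sample are constructed, and matching keywords in either case is an assumption of this script.

```python
import re

# Grammar taken from the chart: option name -> kind of argument it takes.
SET_OPTIONS = {
    "default-permit": "action", "icmp-timeout": "seconds",
    "udp-idle-timeout": "seconds", "connection-timeout": "seconds",
    "fin-wait-timeout": "seconds", "tcp-idle-timeout": "seconds",
    "log": "yesno",
}
RULE_OPTIONS = {"permit": "action", "active": "yesno"}
VALUES = {"action": {"forward", "block"}, "yesno": {"yes", "no"}}
LINE = re.compile(r"config edit firewall set (\d+)(?: rule (\d+))? (\S+) (\S+)$")

def parse(line):
    """Return (set_no, rule_no or None, option, value); raise ValueError if
    the line does not fit the chart's syntax."""
    m = LINE.match(" ".join(line.lower().split()))  # assumption: case-insensitive
    if not m:
        raise ValueError(f"not a firewall command: {line!r}")
    set_no, rule_no, option, value = m.groups()
    kind = (RULE_OPTIONS if rule_no else SET_OPTIONS).get(option)
    if kind is None:
        raise ValueError(f"unknown option {option!r}")
    ok = value.isdecimal() if kind == "seconds" else value in VALUES[kind]
    if not ok:
        raise ValueError(f"bad value {value!r} for {option}")
    return int(set_no), int(rule_no) if rule_no else None, option, value

def review(lines):
    """Flag settings a reviewer would want to look at twice."""
    findings = []
    for line in lines:
        set_no, rule_no, option, value = parse(line)
        if (option, value) == ("default-permit", "forward"):
            findings.append(f"set {set_no}: unmatched packets are forwarded")
        elif (option, value) == ("log", "no"):
            findings.append(f"set {set_no}: default-rule matches are not logged")
        elif (option, value) == ("active", "no"):
            findings.append(f"set {set_no} rule {rule_no}: rule is disabled")
    return findings

# Constructed sample input (set/rule numbers and the timeout are made up).
SAMPLE = [
    "config edit firewall set 1 default-permit forward",
    "config edit firewall set 1 tcp-idle-timeout 3600",
    "config edit firewall set 1 log no",
    "config edit firewall set 1 rule 2 permit block",
    "config edit firewall set 1 rule 2 active no",
]
```

Calling review(SAMPLE) returns three findings, one for each of the forward default, the disabled logging and the inactive rule.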
