ZyXEL Communications Internet Security Gateway ZyWALL 100 User Manual

ZyWALL 100 Internet Security Gateway

Firewall Commands

S

FUNCTION

COMMAND

DESCRIPTION

Config edit firewall set <set #>
icmp-timeout <seconds>

This command sets the time period to allow an
ICMP session to wait for the ICMP response.

Config edit firewall set <set #>
udp-idle-timeout <seconds>

This command sets how long a UDP connection is
allowed to remain inactive before the ZyWALL
considers the connection closed.

Config edit firewall set <set #>
connection-timeout <seconds>

This command sets how long ZyWALL waits for a
TCP session to be established before dropping the
session.

Config edit firewall set <set #>
fin-wait-timeout <seconds>

This command sets how long the ZyWALL leaves a
TCP session open after the firewall detects a FIN-
exchange (indicating the end of the TCP session).

Config edit firewall set <set #>
tcp-idle-timeout <seconds>

This command sets how long ZyWALL lets an
inactive TCP connection remain open before
considering it closed.

Config edit firewall set <set #>
log <yes | no>

This command sets whether or not the ZyWALL
creates logs for packets that match the firewall’s
default rule set.

R

R

u

u

l

l

e

e

s

s

Config edit firewall set <set #>

rule <rule #> permit <forward |
block>

This command sets whether packets that match this
rule are dropped or allowed through.

Config edit firewall set <set #>

rule <rule #> active <yes | no>

This command sets whether a rule is enabled or
not.

Config edit firewall set <set #>
rule <rule #> protocol <integer
protocol value >

This command sets the protocol specification
number made in this rule for ICMP.