Add (router-wan) firewall, Add (router-wan) firewall -23 – Carrier Access Network Device Axxius 800 User Manual

Axxius 800 - Release 2.2

5-23

CLI Commands

add

add (router-wan) firewall

Use the add (router-wan) firewall command to add a firewall rule to a WAN.

Syntax:

add {rtr_card-addr} {"wan-name"} firewall

{rule-number} {drop|pass} {incoming|inout|outgoing}

{alarm|log|nolog} {service} {dest-ip-addr/bits} {src-

ip-addr/bits}

Example:

add 3 "LosAngeles" firewall 1 pass incoming nolog http

203.1.21.17/32 0.0.0.0/0

The example will add a firewall rule that allows HTTP (TCP port 80) access
from any outside host to an inside web server at 203.1.21.17 to the TSR card in
slot 3.

{rtr_card-addr}

The slot number (1-8) that contains the Router card.

{"wan-name"}

The WAN interface to modify. The name must be enclosed in quotes.

{rule-number}

Firewall rules are processed in sequence until the first matching rule is found.

{drop|pass}

{incoming|inout|outgoing}

{alarm|log|nolog}

drop

Do not allow the packet to be forwarded

pass

Allow the packet to be forwarded

incoming

Matches packets for sessions originated from an outside host

inout

Matches packets for sessions originated from either an inside or outside
host

outgoing

Matches packets for sessions originated from an inside host

alarm

Add an entry to alarm log for packets that match this rule

log

Add an entry to event log for packets that match this rule

nolog

Do not add an entry to the logs for packets that match this rule