Amer Networks WLO220T CLI User Manual

C O M M A N D D E S C R I P T I O N S

policy

2

64

CLI Reference Guide



winnuke blocks connections to TCP ports 139 and 445, which are used by both the

Winnuke and Sasser worms. (These ports are also used by NetBIOS.)

Example

The following command enables port-attack prevention for all port-attacks :

set policy global port-attack all

schedule

set policy [ global ] { ... } schedule name_str [ ... ]

schedule

Applies the policy only at times defined in the specified schedule.

Example

With following commands, you first create a schedule named “Mkt_Sched” and then reference it
in a policy permitting any kind of traffic from any address in the Trust zone to any address in the
Untrust zone:

set schedule Mkt_Sched recurrent monday start 09:00 stop 12:00

set policy from trust to untrust any any any permit schedule Mkt_Sched

top

set policy [ global ] [ ... ] top

schedule

Places the policy at the top of the access control list (ACL). The policy at the top of the ACL
has the highest precedence.

Example

The following command:

• Permits any kind of service from any address in the Trust zone to any address in the Untrust zone

• Assigns to the policy an ID value of 30

• Places the policy at the top of the ACL

set policy id 30 top from trust to untrust any any any permit

top-talkers

set policy ... [top-talkers] schedule schedule-name

top-talkers

Marks this policy as a top-talkers candidate.

Example

The following command creates the policy to allow the https traffic from any address at the
untrust zone to web-server (10.10.10.100) at the trust zone and marks this policy as top-talkers
candidate: