ZyXEL Communications 5 Series User Manual

Page 810

Advertising
background image

ZyWALL 5/35/70 Series User’s Guide

810

Appendix L Firewall Commands

Config edit firewall set <set

#> tcp-idle-timeout <seconds>

This command sets how long ZyWALL lets an
inactive TCP connection remain open before
considering it closed.

Config edit firewall set <set

#> log <yes | no>

This command sets whether or not the
ZyWALL creates logs for packets that match
the firewall’s default rule set.

Rules

Config edit firewall set <set

#> rule <rule #> permit

<forward | block>

This command sets whether packets that
match this rule are dropped or allowed
through.

Config edit firewall set <set

#> rule <rule #> active <yes |

no>

This command sets whether a rule is enabled
or not.

Config edit firewall set <set

#> rule <rule #> protocol

<integer protocol value >

This command sets the protocol specification
number made in this rule for ICMP.

Config edit firewall set <set

#> rule <rule #> log <none |

match | not-match | both>

This command sets the ZyWALL to log traffic
that matches the rule, doesn't match, both or
neither.

Config edit firewall set <set

#> rule <rule #> alert <yes |

no>

This command sets whether or not the
ZyWALL sends an alert e-mail when a DOS
attack or a violation of a particular rule occurs.

config edit firewall set <set

#> rule <rule #> srcaddr-

single <ip address>

This command sets the rule to have the
ZyWALL check for traffic with this individual
source address.

config edit firewall set <set

#> rule <rule #> srcaddr-

subnet <ip address> <subnet

mask>

This command sets a rule to have the
ZyWALL check for traffic from a particular
subnet (defined by IP address and subnet
mask).

config edit firewall set <set

#> rule <rule #> srcaddr-range

<start ip address> <end ip

address>

This command sets a rule to have the
ZyWALL check for traffic from this range of
addresses.

config edit firewall set <set

#> rule <rule #> destaddr-

single <ip address>

This command sets the rule to have the
ZyWALL check for traffic with this individual
destination address.

Table 288 Firewall Commands (continued)

FUNCTION

COMMAND

DESCRIPTION

Advertising