ZyXEL Communications ZyXEL ZyWALL 5 User Manual

Page 625

Advertising
background image

ZyWALL 5 User’s Guide

624

Appendix L Firewall Commands

Config edit firewall set <set
#> tcp-idle-timeout <seconds>

This command sets how long ZyWALL lets an

inactive TCP connection remain open before

considering it closed.

Config edit firewall set <set
#> log <yes | no>

This command sets whether or not the

ZyWALL creates logs for packets that match

the firewall’s default rule set.

Rules

Config edit firewall set <set
#> rule <rule #> permit
<forward | block>

This command sets whether packets that

match this rule are dropped or allowed

through.

Config edit firewall set <set
#> rule <rule #> active <yes |
no>

This command sets whether a rule is enabled

or not.

Config edit firewall set <set
#> rule <rule #> protocol
<integer protocol value >

This command sets the protocol specification

number made in this rule for ICMP.

Config edit firewall set <set
#> rule <rule #> log <none |
match | not-match | both>

This command sets the ZyWALL to log traffic

that matches the rule, doesn't match, both or

neither.

Config edit firewall set <set
#> rule <rule #> alert <yes |
no>

This command sets whether or not the

ZyWALL sends an alert e-mail when a DOS

attack or a violation of a particular rule occurs.

config edit firewall set <set
#> rule <rule #> srcaddr-
single <ip address>

This command sets the rule to have the

ZyWALL check for traffic with this individual

source address.

config edit firewall set <set
#> rule <rule #> srcaddr-
subnet <ip address> <subnet
mask>

This command sets a rule to have the

ZyWALL check for traffic from a particular

subnet (defined by IP address and subnet

mask).

config edit firewall set <set
#> rule <rule #> srcaddr-range
<start ip address> <end ip
address>

This command sets a rule to have the

ZyWALL check for traffic from this range of

addresses.

config edit firewall set <set
#> rule <rule #> destaddr-
single <ip address>

This command sets the rule to have the

ZyWALL check for traffic with this individual

destination address.

Table 30 Firewall Commands (continued)

FUNCTION

COMMAND

DESCRIPTION

Advertising
See also other documents in the category ZyXEL Communications Hardware: