ZyXEL Communications 10 User Manual

ZyWALL 10~100 Series Internet Security Gateway

Firewall Commands

59

Chart N-1 Firewall Commands

FUNCTION

COMMAND

DESCRIPTION

S

S

e

e

t

t

s

s

config edit firewall set <set #>

name <desired name>

This command sets a name to identify a specified
set.

Config edit firewall set <set #>
default-permit <forward | block>

This command sets whether a packet is dropped or
allowed through, when it does not meet a rule within
the set.

Config edit firewall set <set #>
icmp-timeout <seconds>

This command sets the time period to allow an
ICMP session to wait for the ICMP response.

Config edit firewall set <set #>
udp-idle-timeout <seconds>

This command sets how long a UDP connection is
allowed to remain inactive before the ZyWALL
considers the connection closed.

Config edit firewall set <set #>
connection-timeout <seconds>

This command sets how long ZyWALL waits for a
TCP session to be established before dropping the
session.

Config edit firewall set <set #>
fin-wait-timeout <seconds>

This command sets how long the ZyWALL leaves a
TCP session open after the firewall detects a FIN-
exchange (indicating the end of the TCP session).

Config edit firewall set <set #>
tcp-idle-timeout <seconds>

This command sets how long ZyWALL lets an
inactive TCP connection remain open before
considering it closed.

Config edit firewall set <set #>
log <yes | no>

This command sets whether or not the ZyWALL
creates logs for packets that match the firewall’s
default rule set.

R

R

u

u

l

l

e

e

s

s

Config edit firewall set <set #>

rule <rule #> permit <forward |
block>

This command sets whether packets that match this
rule are dropped or allowed through.