ZyXEL Communications 10 User Manual

ZyWALL 10~100 Series Internet Security Gateway

60

Firewall

Commands

Chart N-1 Firewall Commands

FUNCTION

COMMAND

DESCRIPTION

Config edit firewall set <set #>

rule <rule #> active <yes | no>

This command sets whether a rule is enabled or
not.

Config edit firewall set <set #>
rule <rule #> protocol <integer
protocol value >

This command sets the protocol specification
number made in this rule for ICMP.

Config edit firewall set <set #>
rule <rule #> log <none | match |
not-match | both>

This command sets the ZyWALL to log traffic that
matches the rule, doesn't match, both or neither.

Config edit firewall set <set #>
rule <rule #> alert <yes | no>

This command sets whether or not the ZyWALL
sends an alert e-mail when a DOS attack or a
violation of a particular rule occurs.

config edit firewall set <set #>
rule <rule #> srcaddr-single <ip
address>

This command sets the rule to have the ZyWALL
check for traffic with this individual source address.

config edit firewall set <set #>
rule <rule #> srcaddr-subnet <ip
address> <subnet mask>

This command sets a rule to have the ZyWALL
check for traffic from a particular subnet (defined by
IP address and subnet mask).

config edit firewall set <set #>
rule <rule #> srcaddr-range <start
ip address> <end ip address>

This command sets a rule to have the ZyWALL
check for traffic from this range of addresses.

config edit firewall set <set #>
rule <rule #> destaddr-single <ip
address>

This command sets the rule to have the ZyWALL
check for traffic with this individual destination
address.

config edit firewall set <set #>
rule <rule #> destaddr-subnet <ip
address> <subnet mask>

This command sets a rule to have the ZyWALL
check for traffic with a particular subnet destination
(defined by IP address and subnet mask).