ZyXEL Communications Internet Security Gateway 10~100 Series User Manual

ZyWALL 10~100 Series Internet Security Gateway

Firewall Commands

10-5

Chart 10-1 Firewall Commands

FUNCTION

COMMAND

DESCRIPTION

Config edit firewall set #> connection-timeout

This command sets how long ZyWALL waits
for a TCP session to be established before
dropping the session.

Config edit firewall set #> fin-wait-timeout

This command sets how long the ZyWALL
leaves a TCP session open after the firewall
detects a FIN-exchange (indicating the end of
the TCP session).

Config edit firewall set

#> tcp-idle-timeout

This command sets how long ZyWALL lets an
inactive TCP connection remain open before
considering it closed.

Config edit firewall set #> log

This command sets whether or not the
ZyWALL creates logs for packets that match
the firewall’s default rule set.

R

R

u

u

l

l

e

e

s

s

Config edit firewall set #> rule permit

This command sets whether packets that
match this rule are dropped or allowed
through.

Config edit firewall set #> rule active no>

This command sets whether a rule is enabled
or not.

Config edit firewall set #> rule protocol

This command sets the protocol specification
number made in this rule for ICMP.

Config edit firewall set #> rule log match | not-match | both>

This command sets the ZyWALL to log traffic
that matches the rule, doesn't match, both or
neither.