ZyXEL Communications 70 Series User Manual

ZyWALL 5/35/70 Series User’s Guide

759

Appendix N Firewall Commands

Config edit firewall set #> tcp-idle-timeout

This command sets how long ZyWALL lets an

inactive TCP connection remain open before

considering it closed.

Config edit firewall set #> log

This command sets whether or not the

ZyWALL creates logs for packets that match

the firewall’s default rule set.

Rules

Config edit firewall set #> rule permit

This command sets whether packets that

match this rule are dropped or allowed

through.

Config edit firewall set #> rule active no>

This command sets whether a rule is enabled

or not.

Config edit firewall set #> rule protocol

This command sets the protocol specification

number made in this rule for ICMP.

Config edit firewall set #> rule log match | not-match | both>

This command sets the ZyWALL to log traffic

that matches the rule, doesn't match, both or

neither.

Config edit firewall set #> rule alert no>

This command sets whether or not the

ZyWALL sends an alert e-mail when a DOS

attack or a violation of a particular rule occurs.

config edit firewall set #> rule srcaddr-
single

This command sets the rule to have the

ZyWALL check for traffic with this individual

source address.

config edit firewall set #> rule srcaddr-
subnet mask>

This command sets a rule to have the

ZyWALL check for traffic from a particular

subnet (defined by IP address and subnet

mask).

config edit firewall set #> rule srcaddr-range
address>

This command sets a rule to have the

ZyWALL check for traffic from this range of

addresses.

config edit firewall set #> rule destaddr-
single

This command sets the rule to have the

ZyWALL check for traffic with this individual

destination address.

Table 271 Firewall Commands (continued)

FUNCTION

COMMAND

DESCRIPTION