Brocade Communications Systems RFS6000 User Manual
Page 319
Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide
317
53-1001931-01
Global Configuration commands
5
Parameters
Example
RFController(config)#firewall clamp
RFController(config)#
enable
Enables the firewall for this controller.
802.2.-encapsulation
permit
Sets 802.2 packet encapsulation.
•
permit – Allow 802.2 packet encapsulations which can
bypass the firewall. Enabling this option is not
recommended by Brocade
clamp [path-mtu|
tcp-mss]
Configures wireless firewall
•
clamp [path-mtu|tcp-mss] – Displays clamp value
•
path-mtu – Displays limit discovered path-mtu
•
tcp-mss – Displays limit TCP to inner path-mtu
flow timeout
[icmp|other|tcp|udp]
Configures firewall flow of packets.
•
timeout [icmp|other|udp] <1-32400> – Sets the timeout
value for type ICMP, UDP, and Other to a value between 1
and 32400 seconds
•
timeout tcp [close-wait|established|reset|setup]
<10-32400> – Sets the timeout value for TCP packet types
to a value between 1 and 32400 seconds
•
close-wait – Configures the Closed TCP Flow timeout
value
•
established – Configures the Established TCP Flow
timeout value
•
reset – Configures the Reset TCP Flow timeout value
•
setup – Configures the Opening TCP Flow timeout value
virtual-defrag [enable|
max-defrag-per-host|
max-frags-per-dgram|
min-1st-frag-length]
Configures IPv4 virtual defragmentation.
•
enable – enables IPv4 virtual defragmentation. Brocade
recommends that this option be enabled
•
max-defrag-per-host <1-32> – Sets the maximum active
defragmentation per host to a value between 1 and 32
•
max-frags-per-dgram <2-8129> – Sets the maximum
allowed fragmentation per datagram to a value between 2
and 8129
•
min-1st-frag-len < <8-1500> – Sets the minimum
fragmentation length for the 1st fragment to a value between
8 and 1500
vlan-stacking permit
Configures 802.1q VLAN stacking.
•
permit – Permits 802.1q VLAN stacking that can bypass the
firewall. Brocade does not recommend the use of this option