Example, Response – Efficient Networks 107-0001-000 User Manual

Efficient Networks

®

Router family

Command Line Interface Guide

Chapter 18: Stateful Firewall Commands

Efficient Networks

®

Page 18-13

The following paragraphs identify the s for modification:

Example

Example command changes the allow rule number 7 to a deny rule with no changes
to the existing parameters

Response

Command prompt.

-ac allow | deny

Changes the action taken on the packet when the rule is matched. Rule will
move from one allow | deny rules list to the other list.

-p | tcp | udp | icmp |

a

a

Integer, numerical protocol ID.

Specifies the protocol a packet must have.

-a imap | telnet | bootp | nntp | rpc | tftp | smtp |

dns | ftp | rexec | rsh | rlogin | syslog | winframe | rdp | http |

https | ntp | smb | ras | realaudio | netmeeting | aolim| quicktime

| cuseeme | netshow | pptp | nfs | nis | traceroute | sqlnet | ipsec

Modifies the firewall rule type.

-sp | [:]

Modifies the source port, specified port range, or ICMP type.

-dp | [:]

Modifies the destination port, specified port range, or ICMP code.

-sa [:]

Modifies the source IP address or specified address range.

-da [:]

Modifies the destination IP address or specified address range.

-sm

Modifies the specified source ip mask.

-dm

Modifies the specified destination ip mask.

- q | -v

Modifies the message logging characteristic for the firewall rule.

-d in | out

Modifies the specified direction of the rule.

-> firewall modify allow 7 -ac deny