Filter Command Reference
366 7705 SAR OS Router Configuration Guide
The no form of the command removes the specified action statement. An entry is considered
incomplete and is rendered inactive without the action keyword.
Default no action
Parameters reject — specifies that packets matching the entry criteria will be rejected
forward — specifies that packets matching the entry criteria will be forwarded
nat — specifies that packets matching the entry criteria will have NAT applied to them and a
session will be created on the datapath
action nat
Syntax action nat [destination ip-address port tcp-udp-port]
no action
Context config>security>policy>entry
Description This command specifies the destination IP address and port to which packets that have NAT applied
to them are sent.
NAT actions cause a 6-tuple lookup (src/dst IP, src/dst port, protocol, src zone). If there is a match,
NAT is applied and the packet is routed based on the datapath session table.
Multiple action statements entered will overwrite previous action statements when defined.
The no form of the command removes the specified action statement. An entry is considered
incomplete and is rendered inactive without the action keyword.
Default no action
Parameters destination — specifies the static NAT (port forwarding) internal destination IP address. This
parameter applies only to static destination NAT (port forwarding).
ip-address — the static NAT inside destination IP address used for port forwarding. When
configured, the original packet destination IP address is overwritten with this configured IP
address.
Values 1.0.0.0 to 223.255.255.255
port — specifies the static NAT (port forwarding) internal destination port address. This
parameter applies only to static destination NAT (port forwarding).
tcp-udp-port — the static NAT inside port IP number used for port forwarding. When
configured, the original packet destination port number is overwritten with this configured
port number.
Values 1 to 65535
To Next Page
Loading...
