Filter and Firewall
Left running head:
Chapter name (automatic)
724
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
Alcatel-Lucent
In filtering, packets are analyzed against a set of rules. Only those which satisfy
these conditions and have a “permit” flag attached are allowed through the filters
and sent to the requesting system. The permit traffic can also be logged. The rest
are discarded and can optionally be logged.
E
XAMPLE
The example below sets a permit rule so that only traffic defined by m1 is
permitted.
ALU(config)# ip filter f1
ALU(config-filter-f1)# 10 match m1 permit log
The example below configures a deny rule with reset option on traffic as defined in
m1.
ALU(config-filter-f1)# 10 match m1 deny reset
T
O CONFIGURE A STATELESS FILTER
Note: The filters on OmniAccess 5740 USG are by default stateful. This behavior can be
overridden by the keyword “stateless”.
E
XAMPLE
The following example sets the filter to stateless.
ALU(config-filter-f1)# stateless
In the example below, the filter f1 is changed to stateful/reflexive mode.
ALU(config)# filter f1
ALU(config-filter-f1)# no stateless
Command (in FCM) Description
stateless Use this command to set the filter
behavior to stateless.
no stateless The ‘no’ command changes the stateless
option configured on the filter to the
default state which is stateful or reflexive.
To Next Page
Loading...
