Network Attack Prevention Configuration
Alcatel-Lucent
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
TO CONFIGURE FIREWALL POLICY
Command (in FwCM): policy <name>
Description: Enter this command in the Firewall Configuration Mode. This command is used to configure a firewall policy. This enters the firewall policy sub-configuration mode.
EXAMPLE
The following example depicts firewall policy configuration:
ALU(config-firewall)# policy P1
ALU(config-firewall-P1)#
TO CREATE A DOS RULE INSIDE A FIREWALL POLICY
Note: Currently, multiple match-lists cannot be associated to a firewall policy rule. To configure more than one match-list within a firewall policy, add multiple rules with different match-lists.
Command (in F-PCM): [<1-65535>] match [any|all] <match-list name>... attack <name> {drop|reset} [time-range <name>]
Description: Enter this command in the Firewall Policy Configuration Mode. This command attaches an attack object to a firewall policy, configures rules for the policy (rule priority, associated match-lists and action), and sets the action, drop or reset, for the configured rules.
The range for the rule number is 1-65535. The rule number signifies the priority of the rule. By default, a rule is numbered with the next multiple of ten above the highest existing rule number.
The keyword "drop" drops the packets; "reset" also drops the packets and sends a reset message to the sender.
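
An added example, not taken from the guide: a small Python check that parses DoS rule lines in the syntax shown above, applies the default rule numbering, and flags rules that name more than one match-list. The match-list, attack and time-range names are hypothetical, and starting at 10 in an empty policy is an assumption.

```python
import re

# Rule syntax as given in the command table:
# [<1-65535>] match [any|all] <match-list name>... attack <name> {drop|reset} [time-range <name>]
RULE_RE = re.compile(
    r"^(?:(?P<num>\d+)\s+)?match(?:\s+(?P<mode>any|all))?\s+(?P<lists>.+?)"
    r"\s+attack\s+(?P<attack>\S+)\s+(?P<action>drop|reset)"
    r"(?:\s+time-range\s+(?P<time_range>\S+))?$"
)

def next_rule_number(existing):
    """Default numbering: next multiple of ten above the highest existing rule number.
    Starting at 10 for an empty policy is an assumption; the guide does not say."""
    return (max(existing) // 10 + 1) * 10 if existing else 10

def lint_policy(lines):
    """Return (rules, problems) for the rule lines of one firewall policy."""
    rules, problems = {}, []
    for line in lines:
        m = RULE_RE.match(line.strip())
        if not m:
            problems.append(f"syntax: {line!r}")
            continue
        num = int(m["num"]) if m["num"] else next_rule_number(rules)
        if not 1 <= num <= 65535:
            problems.append(f"rule number {num} outside 1-65535")
            continue
        match_lists = m["lists"].split()
        if len(match_lists) > 1:
            # Per the note: one match-list per rule; split into separate rules.
            problems.append(f"rule {num}: {len(match_lists)} match-lists, use one rule per match-list")
        rules[num] = {"match_lists": match_lists, "attack": m["attack"],
                      "action": m["action"], "time_range": m["time_range"]}
    return rules, problems

# Constructed sample rules; ML-WEB, ML-DNS, SYNFLOOD and OFFHOURS are hypothetical names.
SAMPLE = [
    "10 match any ML-WEB attack SYNFLOOD drop",
    "25 match any ML-DNS attack SYNFLOOD reset time-range OFFHOURS",
    "match any ML-WEB ML-DNS attack SYNFLOOD drop",   # unnumbered, two match-lists
    "70000 match any ML-WEB attack SYNFLOOD drop",    # number out of range
    "40 match any ML-WEB attack SYNFLOOD permit",     # action not drop|reset
]

if __name__ == "__main__":
    rules, problems = lint_policy(SAMPLE)
    print(sorted(rules), problems, sep="\n")
```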