Filter and Firewall
Left running head:
Chapter name (automatic)
758
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
Alcatel-Lucent
E
XAMPLE
In the following example, the attack object atk is configured to drop all the attacks:
ALU(config-firewall-P1)# 10 match m1 attack atk drop
In the following example, the attack object atk is configured to drop all the attacks
and send acknowledgement such as an error report.
ALU(config-firewall-P1)# match m1 attack atk reset
T
O REORDER THE RULES IN THE FIREWALL POLICY
EXAMPLE
Consider the following configuration:
ALU(config)# firewall
ALU(config-firewall)# policy P1
ALU(config-firewall-P1)#
10 match m1 attack atk drop
20 match m2 attack atk reset
30 match m3 attack atk reset
40 match m4 attack atk drop
In the above sequence, if m4 has a priority 40. Use the “change “ keyword to
change the priority of m4.
ALU(config-firewall)# policy P1
ALU(config-firewall-P1)# change 40 15
To view the policy configuration after changing the priority, give the show
command. The output appears as shown:
show firewall policy P1
ip policy P1
10 match m1 attack atk drop
15 match m4 attack atk drop
20 match m2 attack atk reset
30 match m3 attack atk reset
Now, to generate a numbering scheme with a proper order, use the keyword
“renumber” as follows:
ALU(config-firewall)# policy P1
ALU(config-firewall-P1)# renumber
Command (in F-PCM) Description
renumber Use this command to generate a
numbering scheme for the firewall
policy rules configured.
change {<1-65535> <1-65535>} Use this command to change the
priority of a specific firewall policy
rule configured.
To Next Page
Loading...
Need help?
General
