Security Mode Configuration Commands
121
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Keyword (might consist of two
separate words)
Associated Keyword to Select or
Parameter to Type
Description
Service name, action, and schedule
service_name
default_services
ANY, AIM, BGP, BOOTP_CLIENT,
BOOTP_SERVER, CU-SEEME:UDP,
CU-SEEME:TCP, DNS:UDP,
DNS:TCP, FINGER, FTP, HTTP,
HTTPS, ICMP-TYPE-3,
ICMP-TYPE-4, ICMP-TYPE-5,
ICMP-TYPE-6, ICMP-TYPE-7,
ICMP-TYPE-8, ICMP-TYPE-9,
ICMP-TYPE-10, ICMP-TYPE-11,
ICMP-TYPE-13, ICQ, IMAP2,
IMAP3, IRC, NEWS, NFS, NNTP,
PING, POP3, PPTP, RCMD,
REAL-AUDIO, REXEC, RLOGIN,
RTELNET, RTSP:TCP, RTSP:UDP,
SFTP, SMTP, SNMP:TCP, SNMP:UDP,
SNMP-TRAPS:TCP,
SNMP-TRAPS:UDP, SQL-NET,
SSH:TCP, SSH:UDP, STRMWO
RKS,
TACACS, TELNET, TFTP, RIP, IKE,
SHTTPD, IPSEC-UDP-ENCAP,
IDENT, VDOLIVE, SSH, SIP-TCP,
SIP-UDP, NFS-TCP, or RPC-TCP
Specifies the default service and
protocol to which the firewall rule
applies.
service_name
custom_services
custom service name The custom service that you have
configured with the security
services add command and to
which the firewall rule applies.
action
ALWAYS_BLOCK, ALWAYS_ALLOW,
BLOCK_BY_SCHEDULE_ELSE_ALLOW,
or ALLOW_BY_SCHEDULE_ELSE_BLOCK
Specifies the type of action to be
enforced by the rule.
schedule Schedule1, Schedule2, or
Schedule3
Specifies the schedule, if any, that
is applicable to the rule.
LAN server addresses, port number translation, and WAN destination addresses
send_to_lan_server ANY, SINGLE_ADDRESS, or
ADDRESS_RANGE
Specifies the type of LAN address.
send_to_lan_server_start_ip ipaddress There are two options:
• The IP address if the
send_to_lan_server
keyword is to SINGLE_ADDRESS.
• The start IP address if the
send_to_lan_server
keyword is set to
ADDRESS_RANGE.
send_to_lan_server_end_ip ipaddress The end IP address if the
send_to_lan_server keyword
is set to ADDRESS_RANGE.
To Next Page
Loading...
