Security Mode Configuration Commands
130
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Keyword (might consist of two
separate words)
Associated Keyword to Select or
Parameter to Type
Description
Service name, action, and schedule
service_name
default_services
ANY, AIM, BGP, BOOTP_CLIENT,
BOOTP_SERVER, CU-SEEME:UDP,
CU-SEEME:TCP, DNS:UDP, DNS:TCP,
FINGER, FTP, HTTP, HTTPS,
ICMP-TYPE-3, ICMP-TYPE-4,
ICMP-TYPE-5, ICMP-TYPE-6,
ICMP-TYPE-7, ICMP-TYPE-8,
ICMP-TYPE-9, ICMP-TYPE-10,
ICMP-TYPE-11, ICMP-TYPE-13,
ICQ, IMAP2, IMAP3, IRC, NEWS, NFS,
NNTP, PING, POP3, PPTP, RCMD,
REAL-AUDIO, REXEC, RLOGIN,
RTELNET, RTSP:TCP, RTSP:UDP,
SFTP, SMTP, SNMP:TCP, SNMP:UDP,
SNMP-TRAPS:TCP,
SNMP-TRAPS:UDP, SQL-NET,
SSH:TCP, SSH:UDP, ST
RMWORKS,
TACACS, TELNET, TFTP, RIP, IKE,
SHTTPD, IPSEC-UDP-ENCAP, IDENT,
VDOLIVE, SSH, SIP-TCP, SIP-UDP,
NFS-TCP, or RPC-TCP
Specifies the default service and
protocol to which the firewall rule
applies.
service_name
custom_services
custom service name The custom service that you have
configured with the security
services add command and to
which the firewall rule applies.
action ALWAYS_BLOCK, ALWAYS_ALLOW,
BLOCK_BY_SCHEDULE_ELSE_ALLOW,
or
ALLOW_BY_SCHEDULE_ELSE_BLOCK
Specifies the type of action to be
enforced by the rule.
schedule Schedule1, Schedule2, or
Schedule3
Specifies the schedule, if any, that
is applicable to the rule.
DMZ user addresses and WAN user addresses
dmz_users ANY, SINGLE_ADDRESS, or
ADDRESS_RANGE
Specifies the type of DMZ address.
dmz_user_start_ip ipaddress There are two options:
• The IP address if the dmz_users
keyword is set to
SINGLE_ADDRESS.
• The start IP address if the
dmz_users keyword is set to
ADDRESS_RANGE.
dmz_user_end_ip ipaddress The end IP address if the
dmz_users keyword is set to
ADDRESS_RANGE.
To Next Page
Loading...
