Chapter 29 Secure Policy
ZyWALL Series CLI Reference Guide
225
show firewall icsa status
Displays if a ICSA certification connection is automatically
terminated immediately once ICMP unreachable or ICMP TTL
expired is received.
show secure-policy
Displays all Secure Policy settings.
show secure-policy rule_number
Displays a secure policy rule’s settings.
show secure-policy zone_object
{zone_object|ZyWALL}
Displays all secure policy rules settings for the specified packet
direction.
show secure-policy zone_object
{zone_object|ZyWALL} rule_number
Displays a specified secure policy rule’s settings for the specified
packet direction.
show secure-policy status
Displays whether or not the secure policy is active, whether or not
asymmetrical route topology is allowed, and the default secure
policy rule’s configuration.
show secure-policy block_rules
Displays all the secure policy rules that deny access.
show secure-policy any ZyWALL
Shows all the to-Zyxel Device secure policy rules.
show secure-policy6 filter from
zone_object to zone_object srcip6
<ip-address> dstip6 <ip> service
{any | tcp | udp | icmp | gre |
esp | user-defined} port-number
user user_name sch
schedule_object
Applies IPv6 search filters to find specific IPv6 (if enabled) security
policies based on direction, application, user, source, destination
and/or schedule.
secure-policy6 rule_number
Enters the IPv6 secure policy sub-command mode to set a secure
policy rule. See Table 114 on page 226 for the sub-commands.
secure-policy6 zone_object
{zone_object|ZyWALL} rule_number
Enters the IPv6 firewall sub-command mode to set a direction
specific through-ZyWALL rule or to-ZyWALL rule. See Table 114 on
page 226 for the sub-commands.
secure-policy6 zone_object
{zone_object|ZyWALL} append
Enters the IPv6 secure policy sub-command mode to add a
direction specific through-ZyWALL rule or to-ZyWALL rule to the end
of the global rule list. See Table 114 on page 226 for the sub-
commands.
secure-policy6 zone_object
{zone_object|ZyWALL} delete
<1..5000>
Removes a direction specific IPv6 through-ZyWALL rule or to-
ZyWALL rule.
<1..5000>: the index number in a direction specific firewall rule
list.
secure-policy6 zone_object
{zone_object|ZyWALL} flush
Removes all direction specific IPv6 through-ZyWALL rule or to-
ZyWALL rules.
secure-policy6 zone_object
{zone_object|ZyWALL} insert
rule_number
Enters the IPv6 secure policy sub-command mode to add a
direction specific through-ZyWALL rule or to-ZyWALL rule before the
specified rule number. See Table 114 on page 226 for the sub-
commands.
secure-policy6 zone_object
{zone_object|ZyWALL} move
rule_number to rule_number
Moves a direction specific IPv6 through-ZyWALL rule or to-ZyWALL
rule to the number that you specified.
[no] secure-policy6 activate
Enables the IPv6 secure policy on the Zyxel Device. The no
command disables the IPv6 firewall.
secure-policy6 append
Enters the IPv6 secure policy sub-command mode to add a global
firewall rule to the end of the global rule list. See Table 114 on page
226 for the sub-commands.
Table 113 Command Summary: Secure Policy (continued)
COMMAND DESCRIPTION
To Next Page
Loading...
