Chapter 25 Secure Policy
ZyWALL / USG (ZLD) CLI Reference Guide
165
secure-policy zone_object {zone_object|ZyWALL} delete
<1..5000>
Removes a direction specific through-ZyWALL rule or
to-ZyWALL rule.
<1..5000>: the index number in a direction specific
secure policy rule list.
secure-policy zone_object {zone_object|ZyWALL} flush Removes all direction specific through-ZyWALL rule or
to-ZyWALL rules.
secure-policy zone_object {zone_object|ZyWALL} insert
rule_number
Enters the secure policy sub-command mode to add a
direction specific through-ZyWALL rule or to-ZyWALL
rule before the specified rule number. See Table 86 on
page 167 for the sub-commands.
secure-policy zone_object {zone_object|ZyWALL} move
rule_number to rule_number
Moves a direction specific through-ZyWALL rule or to-
ZyWALL rule to the number that you specified.
[no] secure-policy activate Enables the secure policy on the ZyWALL / USG. The
no command disables the secure policy.
secure-policy append Enters the secure policy sub-command mode to add a
global secure policy rule to the end of the global rule
list. See Table 86 on page 167 for the sub-commands.
secure-policy default-rule action {allow | deny |
reject} { no log | log [alert] }
Sets how the secure policy handles packets that do
not match any other secure policy rule.
secure-policy delete rule_number Removes a secure policy rule.
secure-policy flush Removes all secure policy rules.
secure-policy insert rule_number Enters the secure policy sub-command mode to add a
secure policy rule before the specified rule number.
See Table 86 on page 167 for the sub-commands.
secure-policy move rule_number to rule_number Moves a secure policy rule to the number that you
specified.
show secure-policy Displays all Secure Policy settings.
show secure-policy rule_number Displays a secure policy rule’s settings.
show secure-policy zone_object {zone_object|ZyWALL} Displays all secure policy rules settings for the
specified packet direction.
show secure-policy zone_object {zone_object|ZyWALL}
rule_number
Displays a specified secure policy rule’s settings for
the specified packet direction.
show secure-policy status Displays whether or not the secure policy is active,
whether or not asymmetrical route topology is
allowed, and the default secure policy rule’s
configuration.
show secure-policy block_rules Displays all the secure policy rules that deny access.
show secure-policy any ZyWALL Shows all the to-ZyWALL / USG secure policy rules.
show secure-policy6 filter from zone_object to
zone_object srcip6 <ip-address> dstip6 <ip> service {any
| tcp | udp | icmp | gre | esp | user-defined} port-
number user user_name sch schedule_object
Applies IPv6 search filters to find specific IPv6 (if
enabled) security policies based on direction,
application, user, source, destination and/or schedule.
secure-policy6 rule_number Enters the IPv6 secure policy sub-command mode to
set a secure policy rule. See Table 86 on page 167 for
the sub-commands.
secure-policy6 zone_object {zone_object|ZyWALL}
rule_number
Enters the IPv6 firewall sub-command mode to set a
direction specific through-ZyWALL rule or to-ZyWALL
rule. See Table 86 on page 167 for the sub-
commands.
Table 85 Command Summary: Secure Policy (continued)
COMMAND DESCRIPTION
To Next Page
Loading...
