Chapter 25 Secure Policy
ZyWALL / USG (ZLD) CLI Reference Guide
172
The following table describes the session-limit commands. You must use the configure
terminal
command to enter the configuration mode before you can use these commands.
address6_object The name of the IPv6 address (group) object. You may use 1-31 alphanumeric
characters, underscores(
_), or dashes (-), but the first character cannot be a
number. This value is case-sensitive.
user_name The name of a user (group). You may use 1-31 alphanumeric characters, underscores
(
_), or dashes (-), but the first character cannot be a number. This value is case-
sensitive.
Table 87 Input Values for General Session Limit Commands (continued)
LABEL DESCRIPTION
Table 88 Command Summary: Session Limit
COMMAND DESCRIPTION
[no] session-limit activate Turns the session-limit feature on or off.
session-limit limit <0..8192> Sets the default number of concurrent NAT/firewall sessions per host.
session-limit rule_number Enters the session-limit sub-command mode to set a session-limit rule.
[no] activate Enables the session-limit rule. The
no command disables the session
limit rule.
[no] address address_object Sets the source IP address. The
no command sets this to any, which
means all IP addresses.
[no] description description Sets a descriptive name (up to 64 printable ASCII characters) for a
session-limit rule. The
no command removes the descriptive name
from the rule.
exit Quits the sub-command mode.
[no] limit <0..8192> Sets the limit for the number of concurrent NAT/firewall sessions this
rule’s users or addresses can have. 0 means any.
[no] user user_name Sets a session-limit rule for the specified user. The
no command resets
the user name to the default (
any). any means all users.
session-limit append Enters the session-limit sub-command mode to add a session-limit rule
to the end of the session-limit rule list.
session-limit delete rule_number Removes a session-limit rule.
session-limit flush Removes all session-limit rules.
session-limit insert rule_number Enters the session-limit sub-command mode to add a session-limit rule
before the specified rule number.
session-limit move rule_number to
rule_number
Moves a session-limit to the number that you specified.
show session-limit Shows the session-limit configuration.
show session-limit begin rule_number end
rule_number
Shows the settings for a range of session-limit rules.
show session-limit rule_number Shows the session-limit rule’s settings.
show session-limit status Shows the general session-limit settings.
[no] session-limit6 activate Turns the IPv6 session-limit feature on or off.
session-limit6 limit <0..8192> Sets the default number of concurrent NAT/firewall IPv6 sessions per
host.
session-limit6 rule_number Enters the IPv6 session-limit sub-command mode to set a session-limit
rule.
[no] activate Enables the IPv6 session-limit rule. The no command disables the
session limit rule.
To Next Page
Loading...
