Support User Manuals

ZyXEL Communications 3.1 Security Camera User Manual

Open as PDF

of 386

Chapter 16 Firewall

ZyWALL (ZLD) CLI Reference Guide

139

The following command displays the default IPv6 firewall rule that applies to the WAN to ZyWALL

packet direction. The firewall rule number is in the rule’s priority number in the global rule list.

16.3 Session Limit Commands

The following table identifies the values required for many of these commands. Other input values

are discussed with the corresponding commands.

The following table describes the session-limit commands. You must use the

configure

terminal

command to enter the configuration mode before you can use these commands.

Router(config)# show firewall6 WAN ZyWALL

firewall rule: 13

description:

user: any, schedule: none

from: WAN, to: ZyWALL

source IP: any, source port: any

destination IP: any, service: Default_Allow_v6_WAN_To_ZyWALL

log: no, action: allow, status: yes

Table 68 Input Values for General Session Limit Commands

LABEL DESCRIPTION

rule_number The priority number of a session limit rule, 1 - 1000.

address_object The name of the IP address (group) object. You may use 1-31 alphanumeric

characters, underscores (

_), or dashes (-), but the first character cannot be a

number. This value is case-sensitive.

address6_object The name of the IPv6 address (group) object. You may use 1-31 alphanumeric

characters, underscores(

_), or dashes (-), but the first character cannot be a

number. This value is case-sensitive.

user_name The name of a user (group). You may use 1-31 alphanumeric characters, underscores

(

_), or dashes (-), but the first character cannot be a number. This value is case-

sensitive.

Table 69 Command Summary: Session Limit

COMMAND DESCRIPTION

[no] session-limit activate Turns the session-limit feature on or off.

session-limit limit <0..8192> Sets the default number of concurrent NAT/firewall sessions per host.

session-limit rule_number Enters the session-limit sub-command mode to set a session-limit rule.

[no] activate Enables the session-limit rule. The

no command disables the session

limit rule.

[no] address address_object Sets the source IP address. The

no command sets this to any, which

means all IP addresses.

[no] description description Sets a descriptive name (up to 64 printable ASCII characters) for a

session-limit rule. The

no command removes the descriptive name

from the rule.

exit Quits the sub-command mode.

[no] limit <0..8192> Sets the limit for the number of concurrent NAT/firewall sessions this

rule’s users or addresses can have. 0 means any.

[no] user user_name Sets a session-limit rule for the specified user. The

no command resets

the user name to the default (

any). any means all users.

previous next