Support User Manuals

ZyXEL Communications 3.1 Security Camera User Manual

Open as PDF

of 386

Chapter 20 Application Patrol

ZyWALL (ZLD) CLI Reference Guide

165

20.2.2.1 Rule Sub-commands

The following table describes the sub-commands for several application patrol rule commands. Note

that not all rule commands use all the sub-commands listed here.

app protocol_name rule default

or

app protocol_name rule modify default

Enters sub-command mode for editing the default rule for the

application. See Table 84 on page 165 for the sub-commands.

no app protocol_name rule rule_number Deletes the specified rule.

Table 83 app Commands: Rules in Pre-Defined Applications (continued)

COMMAND DESCRIPTION

Table 84 app protocol rule Sub-commands

COMMAND DESCRIPTION

access {forward | drop | reject} Specifies the action when traffic matches the rule.

[no] action-block

{login|message|audio|video|file-transfer}

Blocks use of a specific feature.

[no] activate Turns on this rule. The

no command turns off this rule.

bandwidth {inbound|outbound} <0..1048576> Limits inbound or outbound bandwidth, in kilobits per second. 0

disables bandwidth management for traffic matching this rule.

[no] bandwidth excess-usage Enables maximize bandwidth usage to let the traffic matching this

policy “borrow” any unused bandwidth on the out-going interface.

bandwidth priority <1..7> Set the priority for traffic that matches this rule. The smaller the

number, the higher the priority.

[no] destination profile_name Adds the specified destination address to the rule.

[no] from zone_name Specifies the source zone.

[no] inbound-dscp-mark {<0..63> | class

{default | dscp_class}}

This is how the ZyWALL handles the DSCP value of the outgoing

packets to a connection’s initiator that match this policy.

Enter a DSCP value to have the ZyWALL apply that DSCP value.

Set this to the class default to have the ZyWALL set the DSCP

value to 0.

[no] log [alert] Creates log entries (and alerts) for traffic that matches the rule.

The

no command does not create any log entries.

[no] outbound-dscp-mark {<0..63> | class

{default | dscp_class}}

This is how the ZyWALL handles the DSCP value of the outgoing

packets from a connection’s initiator that match this policy.

Enter a DSCP value to have the ZyWALL apply that DSCP value.

Set this to the class default to have the ZyWALL set the DSCP

value to 0.

port <0..65535> Specifies the destination port. 0 means any.

[no] schedule profile_name Adds the specified schedule to the rule.

show Displays the rule’s configuration

[no] source profile_name Adds the specified source address to the rule.

[no] to zone_name Specifies the destination zone.

[no] user username Adds the specified user to the rule.

previous next