Filter
Top Products
Working with public access attributes
Colubris AV-Pair attribute - Site values
action
Specify what action the rule takes when it matches incoming traffic.
The options are:
ACCEPT - Allow traffic matching this rule.
ACCEPT-MORE - Allow traffic matching this rule and allocate
extra connections (when required) to enable users to connect
with the specified address.
By default the service controller allows up to 200 TCP or UDP
connections per authenticated or unauthenticated user. If a user
has exceeded this connection limit, this parameter allows the
service controller to permit extra connections from the user
when connecting to the specified destination. Connections are
assigned from a global pool of 100 connections.
This can be used to make sure that users can always reach an
important resource on the network. For example, the following
access list definition allows additional connections as needed to
any user who is trying to reach my-web-server.com.
access-list=procurve,ACCEPT-MORE,all,my-web-server.com,80
use-access-list=procurve
DENY - Reject traffic matching this rule.
DNAT-SERVER: Traffic matching this rule is forwarded to the
destination defined by the dnat-server value. See Traffic
forwarding (dnat-server) on page 9-60 for more information.
REDIRECT: Reject traffic matching this rule and redirect the
user’s Web browser to the page specified by redirect-url, or
login-url if redirect-url is not defined. See Redirect URL on
page 9-56 for more information. For example, one use for this
feature could be to block access to a popular protocol, then
prompt the user for additional fees to activate support.
WARN: Reject traffic matching this rule and return an HTTP error
message (which is not customizable) indicating that access to
the site is not allowed by the network. For example:
Parameter Description
9-36