Command Line Interface Reference 10-45
WS2000>admin(network.fw.policy.inb)> set
Description:
Sets inbound firewall policy parameters.
Syntax:
Example:
admin(network.fw.policy.inb)>set tp 1 gre
admin(network.fw.policy.inb)>list
-----------------------------------------------------------------------------
Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action
-----------------------------------------------------------------------------
1 209.239.160.202- 168.192.36.4- gre 1: 1: 0.0.0.0 deny
255.255.255.224 255.255.255.0 65535 65535 nat port 0
admin(network.fw.policy.inb)>set sport 1 20 21
admin(network.fw.policy.inb)>set dport 1 200 201
admin(network.fw.policy.inb)>set action 1 allow
admin(network.fw.policy.inb)>list
-----------------------------------------------------------------------------
Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action
-----------------------------------------------------------------------------
1 209.239.160.202- 168.192.36.4- gre 20:21 200: 0.0.0.0 allow
255.255.255.224 255.255.255.0 201 nat port 0
set saddr
<idx> <Ip Addr> <netmask>
Sets source IP address and IP netmask for inbound firewall policy <idx>.
daddr
<idx> <Ip Addr> <netmask>
Sets destination IP address and IP netmask for inbound firewall policy
<idx>.
tp
<idx> <tp>
Sets transport protocol for inbound firewall policy <idx> to <tp> (one of
all, tcp, udp, icmp, ah, esp, gre).
sport
<idx> <port1> [<port2>]
Sets source port range for inbound firewall policy <idx> from <port1>
(1–65535) to <port2>. If <port2> is not specified, <port1> is used as the
top end of the range.
dport
<idx> <port1> [<port2>]
Sets destination port range for inbound firewall policy <idx> from <port1>
(1–65535) to <port2>. If <port2> is not specified, <port1> is used as the
top end of the range.
rnat
<idx> <Ip Addr>
Sets reverse NAT IP address for inbound firewall policy <idx> to
<
Ip Addr> (a.b.c.d).
rport
<idx> <rport>
Sets reverse NAT port for inbound firewall policy <idx> to <rport>
(0–65535).
action
<idx>
allow/deny Sets action of inbound firewall policy <idx> to allow or deny.