ZyXEL Communications 4.04 Network Card User Manual


 
Chapter 10 Configuration Commands
ZyWALL (ZyNOS) CLI Reference Guide
Table 27 config Command Summary (continued)

| COMMAND | DESCRIPTION | M |
| --- | --- | --- |
| `config edit firewall set <set#> rule <rule#> destport-custom <string>` | Sets the desired TCP/UDP custom port name. 1. You must first configure a TCP/UDP service name using `config edit custom-service <entry#> name <string>`. 2. Then specify the IP Protocol using `config edit custom-service <entry#> ip-protocol`. The options are TCP, UDP or TCP/UDP. 3. Use `config edit custom-service <entry#> range` to set the port range(s) of the custom service. 4. After you save it you can add the custom-service to a firewall rule. | R+B |
| `config edit firewall set <set#> rule <rule#> log <none\|match>` | Sends a log for a rule when the packet matches the rule. | R+B |
| `config edit firewall set <set#> rule <rule#> name <string>` | Edits the rule name. | R+B |
| `config edit firewall set <set#> rule <rule#> protocol <0~255>` | Edits the protocol number for a rule. | R+B |
| `config edit firewall set <set#> rule <rule#> srcaddr-range <start-ip><end-ip>` | Edits the rule to apply to a packet with a source IP address that falls within the specified range. | R+B |
| `config edit firewall set <set#> rule <rule#> srcaddr-single <ip-address>` | Edits the rule to apply to a packet with the specified source IP address. | R+B |
| `config edit firewall set <set#> rule <rule#> srcaddr-subnet <ip-address> <mask>` | Edits the rule to apply to a packet with any source IP address and subnet mask. | R+B |
| `config edit firewall set <set#> rule <rule#> tcp destport-any` | Edits the rule to apply to a TCP packet with any destination port. When using “?” with this command the system crashes. | R+B |
| `config edit firewall set <set#> rule <rule#> tcp destport-range <start-port><endport>` | Edits the rule to apply to a TCP packet with a destination port falling within the specified range. For non-consecutive port numbers, users may repeat this command line to enter the multiple port numbers. | R+B |
| `config edit firewall set <set#> rule <rule#> tcp destport-single <port>` | Edits the rule to apply to a TCP packet with the specified destination port. | R+B |
| `config edit firewall set <set#> rule <rule#> udp destport-any` | Edits the rule to apply to a UDP packet with any destination port. | R+B |
| `config edit firewall set <set#> rule <rule#> udp destport-range <start-port><endport>` | Edits the rule to apply to a UDP packet with a destination port falling within the specified range. For non-consecutive port numbers, users may repeat this command line to enter the multiple port numbers. | R+B |
| `config edit firewall set <set#> rule <rule#> udp destport-single <port>` | Edits the rule to apply to a UDP packet with the specified destination port. | R+B |
| `config edit firewall set <set#> tcp-idle-timeout <timeout>` | Edits the timeout for an idle TCP session before it is terminated. This command has no effect on firewall settings. To configure timeout values use tos commands. | R+B |