Support User Manuals

ZyXEL Communications 4.04 Network Card User Manual

Open as PDF

of 204

Chapter 10 Configuration Commands

ZyWALL (ZyNOS) CLI Reference Guide

78

The following table describes the fields displayed using the config display set

command in the example above.

The following table describes the fields displayed using the config display set

<index> rule command in the example above, as well as other related fields that may

appear when configuring a rule using this command.

Table 29 config display set

LABEL DESCRIPTION

ACL set number Shows the index number of this set and the interfaces it applies

to. See

ACL set name Shows the name of this set.

ACL set number of rules Shows the number of rules in this set.

ACL set default action Shows the default action when a packet matches a rule in the

set. The options are: permit|drop|reject.

ACL pnc enable Shows whether the pnc service is enabled. This service is

currently not available.

ACL log enable Shows whether the log is enabled or not.

ACL logone enable Shows whether logone is enabled or not. This function is

currently not available.

ICMP idle timeout(s) Shows the timeout for an idle ICMP session before it is

terminated.

UDP idle timeout(s) Shows the timeout for an idle UDP session before it is

terminated.

TCP connection timeout(s) Shows the connection timeout for traffic to which a rule in the

set applies.

TCP FIN-wait timeout(s) Shows the wait time for FIN when concluding a TCP session

before it is terminated.

TCP idle timeout(s) Shows the timeout for an idle TCP session before it is

terminated.

Table 30 config display set <index> rule <rule#>

LABEL DESCRIPTION

ACL rule number Shows the index number of this rule.

ACL rule active Shows whether this rule is active or not.

ACL rule action Shows the action taken when a packet matches a rule. The

options are: permit|drop|reject.

ACL rule protocol Shows the protocol number this rule applies to. They range

from 0~255. For example, 1=ICMP, 6=TCP, 17=UDP, see

RFC791.

ACL rule log Shows whether the logging of packets matching the rule is

enabled or not.

ACL rule alert Shows whether or not an alert is sent when a packet matches

the rule.

Source Single IP address Shows the source IP address of packets to which the rule

applies.

Source IP address,

subnet mask

Shows the source IP address and subnet mask of packets to

which the rule applies.

previous next