Cisco Cisco Packet Data Gateway (PDG) Wartungshandbuch
Generally Available 06-30-2010
Modified Configuration Commands
3-119
Firewall Commands - Modified in Release 8.3
I
MPORTANT
The commands documented in this section have been modified in Release 8.3.
firewall no-ruledef-matches
This command configures the default action for packets when no Firewall Ruledef matches.
The optional keyword
The optional keyword
bypass-nat
was added to this command. This enables to configure
packets permitted to pass to bypass Network Address Translation (NAT).
CLI (Rulebase Configuration Mode)
firewall no-ruledef-matches { downlink | uplink } action { deny [
charging-action charging_action ] | permit [ bypass-nat | nat-realm
nat_realm ] }
default firewall no-ruledef-matches { downlink | uplink } action
Web Element Manager Path
This functionality is not supported at this time on the Web Element Manager.
firewall priority
This command adds and specifies the priority and type of a firewall rule definition in the
rulebase, and allows to configure a single or range of ports to be allowed on the server for
auxiliary/data connections.
rulebase, and allows to configure a single or range of ports to be allowed on the server for
auxiliary/data connections.
The optional keyword
bypass-nat
was added to this command. This enables to configure
packets to bypass NAT.
CLI (Rulebase Configuration Mode)
firewall priority priority [ dynamic-only | static-and-dynamic ]
firewall-ruledef firewall_ruledef { { deny [ charging-action
charging_action ] } | { permit [ nat-realm nat_realm | [ byass-nat ] [
trigger open-port { aux_port_number | range start_port_number to
end_port_number } direction { both | reverse | same } ] ] } }
no firewall priority priority
Web Element Manager Path
This functionality is not supported at this time on the Web Element Manager.