ZyXEL Communications 3.1 User Manual
Chapter 20 Application Patrol
ZyWALL (ZLD) CLI Reference Guide
168
20.2.5.1 Other Rule Sub-commands
The following table describes the sub-commands for several application patrol other rule
commands. Note that not all rule commands use all the sub-commands listed here.
commands. Note that not all rule commands use all the sub-commands listed here.
20.2.6 General Commands for Application Patrol
Note: You must register for the IDP/AppPatrol signature service (at least the trial) before
you can use it. See
Table 89
app patrol other rule Sub-commands
COMMAND
DESCRIPTION
[no] activate
Turns on this rule. The
no
command turns off this rule.
[no] port <0..65535>
Specifies the destination port. 0 means any.
[no] schedule profile_name
Adds the specified schedule to the rule.
[no] user username
Adds the specified user to the rule.
[no] from zone_name
Specifies the source zone.
[no] to zone_name
Specifies the destination zone.
[no] source profile_name
Adds the specified source address to the rule.
[no] destination profile_name
Adds the specified destination address to the rule.
[no] protocol {tcp | udp}
Adds the specified protocol to the rule.
access {forward | drop | reject}
Specifies the action when traffic matches the rule.
[no] action-block
{login|message|audio|video|file-transfer}
Blocks use of a specific feature.
bandwidth {inbound|outbound} <0..1048576>
Limits inbound or outbound bandwidth, in kilobits per second. 0
disables bandwidth management for traffic matching this rule.
disables bandwidth management for traffic matching this rule.
[no] bandwidth excess-usage
Enables maximize bandwidth usage to let the traffic matching this
policy “borrow” any unused bandwidth on the out-going interface.
policy “borrow” any unused bandwidth on the out-going interface.
bandwidth priority <1..7>
Set the priority for traffic that matches this rule. The smaller the
number, the higher the priority.
number, the higher the priority.
[no] inbound-dscp-mark {<0..63> | class
{default | dscp_class}}
This is how the ZyWALL handles the DSCP value of the outgoing
packets to a connection’s initiator that match this policy.
packets to a connection’s initiator that match this policy.
Enter a DSCP value to have the ZyWALL apply that DSCP value.
Set this to the class default to have the ZyWALL set the DSCP
value to 0.
Set this to the class default to have the ZyWALL set the DSCP
value to 0.
[no] log [alert]
Creates log entries (and alerts) for traffic that matches the rule.
The
The
no
command does not create any log entries.
[no] outbound-dscp-mark {<0..63> | class
{default | dscp_class}}
This is how the ZyWALL handles the DSCP value of the outgoing
packets from a connection’s initiator that match this policy.
packets from a connection’s initiator that match this policy.
Enter a DSCP value to have the ZyWALL apply that DSCP value.
Set this to the class default to have the ZyWALL set the DSCP
value to 0.
Set this to the class default to have the ZyWALL set the DSCP
value to 0.
show
Displays the rule’s configuration