Cisco Cisco Prime IP Express 8.3 Technical References
nrcmd> cdns-firewall HandleMissing set action=drop aaaa-response=64:ff9b::10
Status
See Also
Attributes
Attributes
Specifies the IPv4 address to use as a response to a query for
an A resource record. Only applies to redirect and redirect-nxdomain
actions.
an A resource record. Only applies to redirect and redirect-nxdomain
actions.
Specifies the IPv6 address to use as a response to a query for
a AAAA resource record. Only applies to redirect and
redirect-nxdomain actions.
a AAAA resource record. Only applies to redirect and
redirect-nxdomain actions.
(refuse=1, redirect=2, drop=4, redirect-nxdomain=5, rpz=6) default = drop
Specifies what kind of action to take when this rule is executed.
drop - Ignore/drop this query completely.
refuse - Respond with no data and the REFUSED status.
redirect - Redirect A/AAAA queries to the specified IP address.
redirect-nxdomain - Redirect A/AAAA queries if the query domain
does not exist.
rpz - Use Response Policy Zone (RPZ) rules.
drop - Ignore/drop this query completely.
refuse - Respond with no data and the REFUSED status.
redirect - Redirect A/AAAA queries to the specified IP address.
redirect-nxdomain - Redirect A/AAAA queries if the query domain
does not exist.
rpz - Use Response Policy Zone (RPZ) rules.
client-acl
Lists the clients that will be redirected by this rule.
(obj(0))
Lists the domains that will be redirected by this rule. Sub-domains of
the listed domains are also redirected. If the list is empty, all
domains will match this rule. Does not apply to the nxdomain action.
the listed domains are also redirected. If the list is empty, all
domains will match this rule. Does not apply to the nxdomain action.
name
required,unique
Specifies the name of a redirect rule. The allowed characters
include a-z, A-Z, 0-9, ., -, _, and +.
include a-z, A-Z, 0-9, ., -, _, and +.
default = 0
Specifies the rule priority relative to other rules.
The lowest non-zero value has the highest priority.
A priority of 0 (the default) has the lowest
possible priority.
The lowest non-zero value has the highest priority.
A priority of 0 (the default) has the lowest
possible priority.
rpz-override
(none=0, drop=1, no-op=2, nodata=3, nxdomain=4, redirect=5) default = none
Specifies an override clause for responses matching RPZ rules.
Overrides cause the response to differ from that stated in the
RPZ zone.
none - No override (default).
drop - Overrides all RPZ rule matches by dropping the
request.
no-op - Overrides all RPZ rule matches by following normal
request processing (white listing RPZ rules).
nodata - Overrides all RPZ rule matches to return NODATA.
nxdomain - Overrides all RPZ rule matches to return NXDOMAIN.
redirect - Overrides all RPZ rule matches to be redirected
to FQDN specified in rpz-override-redirect.
Overrides cause the response to differ from that stated in the
RPZ zone.
none - No override (default).
drop - Overrides all RPZ rule matches by dropping the
request.
no-op - Overrides all RPZ rule matches by following normal
request processing (white listing RPZ rules).
nodata - Overrides all RPZ rule matches to return NODATA.
nxdomain - Overrides all RPZ rule matches to return NXDOMAIN.
redirect - Overrides all RPZ rule matches to be redirected
to FQDN specified in rpz-override-redirect.
rpz-override-redirect