Cisco Cisco Packet Data Interworking Function (PDIF) Manual De Mantenimiento
Generally Available 06-30-2010
Modified Configuration Commands
3-117
firewall mime-flood
This command configures firewall protection from MIME Flooding attacks. In 8.0 this
command was available in the Active Charging Service Configuration mode. In 8.1 it was
moved to the Rulebase Configuration mode.
command was available in the Active Charging Service Configuration mode. In 8.1 it was
moved to the Rulebase Configuration mode.
CLI (Rulebase Configuration Mode)
firewall mime-flood { http-headers-limit max_limit |
max-http-header-field-size max_size }
default firewall mime-flood { http-headers-limit |
max-http-header-field-size }
Web Element Manager Path
This functionality is not supported at this time on the Web Element Manager.
firewall no-ruledef-matches
This command configures the default action for packets when no Firewall ruledef matches.
In 8.0 this command was available in the Active Charging Service Configuration mode. In
8.1 it is moved to the Rulebase Configuration mode.
8.1 it is moved to the Rulebase Configuration mode.
The
nat-realm
keyword was added to this command. This enables to optionally specify a
NAT realm to be used for performing NAT on subscriber packets.
CLI (Rulebase Configuration Mode)
firewall no-ruledef-matches { downlink | uplink } action { deny [
charging-action charging_action ] | permit [ nat-realm nat_realm ] }
default firewall no-ruledef-matches { downlink | uplink } action
Web Element Manager Path
This functionality is not supported at this time on the Web Element Manager.
firewall priority
This command adds and specifies the priority and type of a firewall rule definition in the
rulebase, and allows to configure a single or range of ports to be allowed on the server for
auxiliary/data connections.
rulebase, and allows to configure a single or range of ports to be allowed on the server for
auxiliary/data connections.
The
nat-realm
keyword was added to this command. This enables to optionally specify a
NAT realm to be used for performing NAT on subscriber packets matching the firewall
ruledef.
ruledef.
CLI (Rulebase Configuration Mode)
firewall priority priority [ dynamic-only | static-and-dynamic ]
firewall-ruledef firewall_ruledef { { deny [ charging-action
charging_action ] } | { permit [ nat-realm nat_realm | trigger open-port {
aux_port_number | range start_port_number to end_port_number } direction {
both | reverse | same } ] } }
no firewall priority priority
Web Element Manager Path
This functionality is not supported at this time on the Web Element Manager.