Cisco Cisco Packet Data Interworking Function (PDIF) Manual De Mantenimiento

Generally Available    06-30-2010

Modified Configuration Commands

3-117

This command configures firewall protection from MIME Flooding attacks. In 8.0 this 
command was available in the Active Charging Service Configuration mode. In 8.1 it was 
moved to the Rulebase Configuration mode.

firewall mime-flood { http-headers-limit max_limit | 

max-http-header-field-size max_size }

This functionality is not supported at this time on the Web Element Manager.

This command configures the default action for packets when no Firewall ruledef matches. 

In 8.0 this command was available in the Active Charging Service Configuration mode. In 
8.1 it is moved to the Rulebase Configuration mode.

The 

keyword was added to this command. This enables to optionally specify a 

NAT realm to be used for performing NAT on subscriber packets.

charging-action charging_action ] | permit [ nat-realm nat_realm ] }

This functionality is not supported at this time on the Web Element Manager.

This command adds and specifies the priority and type of a firewall rule definition in the 
rulebase, and allows to configure a single or range of ports to be allowed on the server for 
auxiliary/data connections.

The 

keyword was added to this command. This enables to optionally specify a 

NAT realm to be used for performing NAT on subscriber packets matching the firewall 
ruledef.

firewall priority priority [ dynamic-only | static-and-dynamic ] 

firewall-ruledef firewall_ruledef { { deny [ charging-action 

charging_action ] } | { permit [ nat-realm nat_realm | trigger open-port { 

aux_port_number | range start_port_number to end_port_number } direction { 

no firewall priority priority

This functionality is not supported at this time on the Web Element Manager.