Cisco Cisco Packet Data Gateway (PDG) Prospecto
show active-charging
▀ show active-charging fw-and-nat policy name
▄ Cisco ASR 5x00 Statistics and Counters Reference
2606
Field
Description
Type
Indicates the ruledef type.
FD: Firewall Dynamic Ruledef — Predefined and disabled rules that can
be enabled/disabled by the policy server.
be enabled/disabled by the policy server.
FS: Firewall Static Ruledef — Predefined and enabled rules that cannot be
modified by the policy server.
modified by the policy server.
FSDP: Firewall Static & Dynamic Ruledef —Predefined and enabled rules
that can be enabled/disabled by the policy server.
that can be enabled/disabled by the policy server.
Priority
Priority of the access ruledef in the Firewall-and-NAT policy.
Charging-action/ Fw-and-nat-action
The charging action (C) or the fw-and-nat action (F) configured with the access
ruledef.
ruledef.
Port-trigger aux-ports:direction
The auxiliary ports open for traffic, and the direction from which the auxiliary
connection is initiated.
connection is initiated.
NAT-Realm
Name of the NAT realm.
Firewall Configuration
Dos-Protection
Source-Route
Indicates status of protection against IP Source Route IP Option attacks.
Win-Nuke
Indicates status of protection against Win Nuke attacks.
Mime-Flood
Indicates status of protection against MIME Flood attacks.
FTP-Bounce
Indicates status of protection against FTP Bounce attacks.
IP-Unaligned-Timestamp
Indicates status of protection against IP Unaligned Timestamp attacks.
TCP-Window-Containment
Indicates status of protection against TCP Window Containment.
Teardrop
Indicates status of protection against Teardrop attacks.
UDP Flooding
Indicates status of protection against UDP Flooding attacks.
ICMP Flooding
Indicates status of protection against ICMP Flooding attacks.
SYN Flooding
Indicates status of protection against SYN Flooding attacks.
Port Scan
Indicates status of protection against Port Scan attacks.
IPv6 Extension Headers Limit
Indicates status of protection against maximum limit of IPv6 extension headers in
an IPv6 packet. An IPv6 packet can contain zero or more extension headers.
an IPv6 packet. An IPv6 packet can contain zero or more extension headers.
IPv6 Hop By Hop Options
Indicates status of protection against IPv6 packets containing hop-by-hop extension
header options.
header options.
Hop By Hop Router Alert Option
Indicates status of protection against IPv6 packets containing router alert
hop-by-hop option.
hop-by-hop option.
Hop By Hop Jumbo Payload Option
Indicates status of protection against IPv6 packets containing jumbo payload
hop-by-hop option.
hop-by-hop option.
Invalid Hop By Hop Options
Indicates status of protection against IPv6 packets containing invalid hop-by-hop
options.
options.