Cisco Cisco Packet Data Interworking Function (PDIF)
ACS Rulebase Configuration Mode Commands
firewall no-ruledef-matches ▀
Command Line Interface Reference, StarOS Release 18 ▄
717
firewall no-ruledef-matches
This command allows you to configure the default action for packets when no Stateful Firewall ruledef matches.
Important:
In StarOS 8.0, this command is available in the ACS Configuration Mode. In StarOS 8.1 and StarOS
8.3, use this command for Rulebase-based Firewall-and-NAT configuration. In StarOS 8.1 and StarOS 9.0 and later
releases, for Policy-based Firewall-and-NAT configuration, use the
releases, for Policy-based Firewall-and-NAT configuration, use the
access-rule no-ruledef-matches
command
available in the Firewall-and-NAT Policy Configuration Mode.
Product
PSF
NAT
Privilege
Security Administrator, Administrator
Mode
Exec > ACS Configuration > Rulebase Configuration
active-charging service service_name > rulebase rulebase_name
Entering the above command sequence results in the following prompt:
[local]host_name(config-rule-base)#
Syntax
firewall no-ruledef-matches { downlink | uplink } action { deny [ charging-action
charging_action_name ] | permit [ bypass-nat | nat-realm nat_realm_name ] }
charging_action_name ] | permit [ bypass-nat | nat-realm nat_realm_name ] }
default firewall no-ruledef-matches { downlink | uplink } action
default
Configures the default action for packets with no Stateful Firewall ruledef match.
downlink | uplink
Specifies the packet type:
downlink
: Downlink (from network to subscriber) packets with no Stateful Firewall ruledef match.
Default:
deny
uplink
: Uplink (from subscriber to network) packets with no Stateful Firewall ruledef match.
Default:
permit
action { deny [ charging-action charging_action_name ] | permit [ bypass-nat |
nat-realm nat_realm_name ] }
nat-realm nat_realm_name ] }
Specifies the default action for packets with no Stateful Firewall ruledef match.
permit [ bypass-nat | nat-realm nat_realm_name ]
: Permit packets.
Important:
The
bypass-nat
keyword is only available in StarOS 8.3 and later releases.