Cisco Cisco Packet Data Gateway (PDG)
Firewall-and-NAT Policy Configuration Mode Commands
▀ firewall tcp-first-packet-non-syn
▄ Command Line Interface Reference, StarOS Release 17
5076
firewall tcp-first-packet-non-syn
This command configures Stateful Firewall action on TCP flows starting with a non-SYN packet.
Important:
In release 9.0, this command is deprecated. This configuration is available as the
firewall tcp-
fsm [ first-packet-non-syn { drop | permit | send-reset } ]
command.
Product
PSF
Privilege
Security Administrator, Administrator
Mode
Exec > ACS Configuration > Firewall-and-NAT Policy Configuration
active-charging service service_name > fw-and-nat policy policy_name
Entering the above command sequence results in the following prompt:
[local]host_name(config-fw-and-nat-policy)#
Syntax
firewall tcp-first-packet-non-syn { drop | reset }
default firewall tcp-first-packet-non-syn
default
Configures the default setting.
Default:
Default:
drop
drop
Drops the non-SYN packet.
reset
Sends reset.
Usage
Use this command to configure Stateful Firewall action on TCP flows starting with a non-SYN packet.
Example
For flows starting with a non-SYN packet, the following command specifies Stateful Firewall to drop the
non-SYN packet:
non-SYN packet:
firewall tcp-first-packet-non-syn drop