Cisco Cisco Packet Data Interworking Function (PDIF)
ACS Rulebase Configuration Mode Commands
firewall tcp-first-packet-non-syn ▀
Command Line Interface Reference, StarOS Release 16 ▄
701
firewall tcp-first-packet-non-syn
This command allows you to configure the action to take on TCP flows starting with a non-syn packet.
Important:
In StarOS 8.1 and StarOS 8.3, use this command for Rulebase-based Firewall-and-NAT
configuration. In StarOS 8.1 and StarOS 9.0 and later releases, for Policy-based Firewall-and-NAT configuration, this
command is available in the Firewall-and-NAT Policy Configuration Mode.
command is available in the Firewall-and-NAT Policy Configuration Mode.
Product
PSF
Privilege
Security Administrator, Administrator
Mode
Exec > ACS Configuration > Rulebase Configuration
active-charging service service_name > rulebase rulebase_name
Entering the above command sequence results in the following prompt:
[local]host_name(config-rule-base)#
Syntax
firewall tcp-first-packet-non-syn { drop | reset }
default firewall tcp-first-packet-non-syn
default
Configures this command with its default setting.
Default:
Default:
drop
drop
Specifies to drop the packet or session.
reset
Specifies to send reset.
Usage
Use this command to configure action to take on TCP flow starting with a non-syn packet.
Example
The following command configures action to take on TCP flow starting with a non-syn packet to drop:
firewall tcp-first-packet-non-syn drop