ZyXEL Communications 3.1 User's Manual

Chapter 16 Firewall
ZyWALL (ZLD) CLI Reference Guide
16.2  Firewall Commands
The following table identifies the values required for many of these commands. Other input values are discussed with the corresponding commands.

Table 65   Input Values for General Firewall Commands

LABEL
    DESCRIPTION

address_object
    The name of the IP address (or address group) object. You may use 1-31 alphanumeric characters, underscores (_), or dashes (-), but the first character cannot be a number. This value is case-sensitive.

address6_object
    The name of the IPv6 address (or address group) object. You may use 1-31 alphanumeric characters, underscores (_), or dashes (-), but the first character cannot be a number. This value is case-sensitive.

user_name
    The name of a user (group). You may use 1-31 alphanumeric characters, underscores (_), or dashes (-), but the first character cannot be a number. This value is case-sensitive.

zone_object
    The name of the zone. For the ZyWALL USG 300 and above, use up to 31 characters (a-zA-Z0-9_-). The name cannot start with a number. This value is case-sensitive.
    The ZyWALL USG 200 and lower models use pre-defined zone names like DMZ, LAN1, SSL VPN, WLAN, IPSec VPN, OPT, and WAN.

rule_number
    The priority number of a firewall rule. 1 - X where X is the highest number of rules the ZyWALL model supports. See the ZyWALL’s User’s Guide for details.

schedule_object
    The name of the schedule. You may use 1-31 alphanumeric characters, underscores (_), or dashes (-), but the first character cannot be a number. This value is case-sensitive.

service_name
    The name of the service (group). You may use 1-31 alphanumeric characters, underscores (_), or dashes (-), but the first character cannot be a number. This value is case-sensitive.

The following table describes the commands available for the firewall. You must use the configure terminal command to enter the configuration mode before you can use the configuration commands. Commands that do not have IPv6 specified in the description are for IPv4.

Table 66   Command Summary: Firewall

COMMAND
    DESCRIPTION

[no] firewall asymmetrical-route activate
    Allows or disallows asymmetrical route topology.

[no] connlimit max-per-host <1..8192>
    Sets the highest number of sessions that the ZyWALL will permit a host to have at one time. The no command removes the settings.

firewall rule_number
    Enters the firewall sub-command mode to set a firewall rule. See for the sub-commands.

firewall zone_object {zone_object|ZyWALL} rule_number
    Enters the firewall sub-command mode to set a direction specific through-ZyWALL rule or to-ZyWALL rule. See commands.

firewall zone_object {zone_object|ZyWALL} append
    Enters the firewall sub-command mode to add a direction specific through-ZyWALL rule or to-ZyWALL rule to the end of the global rule list. See for the sub-commands.
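
As an added example (not part of the ZyXEL guide), this Python pre-flight check lints a planned change script against the syntaxes printed in Table 66 and the zone_object naming rule in Table 65 before the lines are entered on a device. The function names, the max_rules default of 500 and the treatment of a miscased ZyWALL keyword as a typo are assumptions; pre-defined zone names containing spaces (SSL VPN, IPSec VPN on the USG 200 and lower) are not covered.

```python
import re

# Table 65 zone_object rule (USG 300 and above): up to 31 characters from
# a-zA-Z0-9_-, not starting with a number, case-sensitive.
NAME_RE = re.compile(r"[A-Za-z_-][A-Za-z0-9_-]{0,30}")
is_name = NAME_RE.fullmatch  # truthy only when the whole token matches

def in_range(tok, lo, hi):
    # ASCII decimal digits only, so signs and Unicode digits are rejected.
    return re.fullmatch(r"[0-9]+", tok) is not None and lo <= int(tok) <= hi

def check_line(line, max_rules=500):
    """Return None if line matches a Table 66 syntax, else a reason string.
    max_rules is an assumed stand-in for the model-specific X."""
    t = line.split()
    negated = t[:1] == ["no"]
    if negated:
        t = t[1:]
    if t == ["firewall", "asymmetrical-route", "activate"]:
        return None
    if t[:2] == ["connlimit", "max-per-host"]:
        ok = len(t) == 3 and in_range(t[2], 1, 8192)
        return None if ok else "max-per-host must be 1..8192"
    if negated:
        return "no [no] form is listed for this command"
    if t[:1] != ["firewall"]:
        return "not a Table 66 command"
    args = t[1:]
    if len(args) == 1:
        return None if in_range(args[0], 1, max_rules) else "bad rule_number"
    if len(args) != 3:
        return "wrong number of arguments"
    src, dst, last = args
    if not is_name(src) or not is_name(dst):
        return "bad zone_object name"
    if dst != "ZyWALL" and dst.lower() == "zywall":
        # Assumption: a case variant is a typo for the to-ZyWALL keyword.
        return "use ZyWALL exactly as printed"
    if last != "append" and not in_range(last, 1, max_rules):
        return "expected rule_number or append"
    return None

def lint(script):
    """Return [(line_no, reason)] for each rejected line of a change script."""
    checked = ((n, check_line(ln)) for n, ln in enumerate(script.splitlines(), 1) if ln.strip())
    return [(n, r) for n, r in checked if r]

# Constructed change script, not taken from the manual.
SAMPLE = "firewall LAN1 WAN append\nconnlimit max-per-host 9000\nfirewall 1WAN LAN1 2\n"
```

Calling lint(SAMPLE) reports the out-of-range session limit on line 2 and the zone name starting with a number on line 3.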