Cisco Cisco Packet Data Gateway (PDG)
firewall tcp-idle-timeout-action
This command allows you to configure the Stateful Firewall action to be taken on TCP idle timeout expiry.
In StarOS 8.1 and StarOS 8.3, use this command for Rulebase-based Firewall-and-NAT configuration.
In StarOS 8.1 and StarOS 9.0 and later releases, for Policy-based Firewall-and-NAT configuration, this
command is available in the Firewall-and-NAT Policy Configuration Mode.
In StarOS 8.1 and StarOS 9.0 and later releases, for Policy-based Firewall-and-NAT configuration, this
command is available in the Firewall-and-NAT Policy Configuration Mode.
Important
Product
PSF
Privilege
Security Administrator, Administrator
Command Modes
Exec > ACS Configuration > Rulebase Configuration
active-charging service service_name > rulebase rulebase_name
Entering the above command sequence results in the following prompt:
[local]
host_name
(config-rule-base)#
Syntax Description
firewall tcp-idle-timeout-action { drop | reset }
default firewall tcp-idle-timeout-action
default firewall tcp-idle-timeout-action
default
Configures this command with its default setting.
Default: reset
drop
Specifies to drop the packet or session on TCP timeout expiry.
reset
Specifies to send reset on TCP timeout expiry.
Usage Guidelines
Use this command to configure action to take on TCP idle timeout expiry.
Examples
The following command configures action to take on TCP idle timeout expiry to drop:
firewall tcp-idle-timeout-action drop
firewall tcp-idle-timeout-action drop
Command Line Interface Reference, Modes A - B, StarOS Release 19
670
ACS Rulebase Configuration Mode Commands
firewall tcp-idle-timeout-action