Cisco Cisco Packet Data Gateway (PDG)
ACS Configuration Mode Commands
access-ruledef ▀
Command Line Interface Reference, StarOS Release 17 ▄
445
access-ruledef
This command allows you to create/configure/delete access rule definitions (ruledefs).
Important:
This command is available only in StarOS 8.1 and in StarOS 9.0 and later releases, and must be used
to configure the Policy-based Stateful Firewall and NAT features.
Product
NAT
PSF
Privilege
Security Administrator, Administrator
Mode
Exec > ACS Configuration
active-charging service service_name
Entering the above command sequence results in the following prompt:
[local]host_name(config-acs)#
Syntax
access-ruledef access_ruledef_name [ -noconfirm ]
no access-ruledef access_ruledef_name
no
If previously configured, deletes the specified access ruledef.
access_ruledef_name
Specifies the access ruledef to add/configure/delete.
access_ruledef_name
must be the name of an access ruledef, and must be an alphanumeric string of 1
through 63 characters, and can contain punctuation characters. Each access ruledef must have a unique name.
If the named access ruledef does not exist, it is created, and the CLI mode changes to the Firewall-and-NAT
Access Ruledef Configuration Mode wherein the ruledef can be configured.
If the named access ruledef already exists, the CLI mode changes to the Firewall-and-NAT Access Ruledef
Configuration Mode for that access ruledef.
If the named access ruledef does not exist, it is created, and the CLI mode changes to the Firewall-and-NAT
Access Ruledef Configuration Mode wherein the ruledef can be configured.
If the named access ruledef already exists, the CLI mode changes to the Firewall-and-NAT Access Ruledef
Configuration Mode for that access ruledef.
-noconfirm
Specifies that the command must execute without prompting for confirmation.
Usage
Use this command to create/configure/delete an access ruledef. A ruledef contains different
conditions/criteria to permit, drop, or reject a packet/connection/traffic based on one or more parameters. The
ruledef name must be unique within the service. Host pool, port map, IMSI pool, and access/firewall, routing,
and charging ruledefs configured in the active charging service must all have unique names.
conditions/criteria to permit, drop, or reject a packet/connection/traffic based on one or more parameters. The
ruledef name must be unique within the service. Host pool, port map, IMSI pool, and access/firewall, routing,
and charging ruledefs configured in the active charging service must all have unique names.