для Cisco Cisco Packet Data Gateway (PDG)
firewall no-ruledef-matches
This command allows you to configure the default action for packets when no Stateful Firewall ruledef
matches.
matches.
In StarOS 8.0, this command is available in the ACS Configuration Mode. In StarOS 8.1 and StarOS 8.3,
use this command for Rulebase-based Firewall-and-NAT configuration. In StarOS 8.1 and StarOS 9.0
and later releases, for Policy-based Firewall-and-NAT configuration, use the access-rule
no-ruledef-matches command available in the Firewall-and-NAT Policy Configuration Mode.
use this command for Rulebase-based Firewall-and-NAT configuration. In StarOS 8.1 and StarOS 9.0
and later releases, for Policy-based Firewall-and-NAT configuration, use the access-rule
no-ruledef-matches command available in the Firewall-and-NAT Policy Configuration Mode.
Important
Product
PSF
NAT
Privilege
Security Administrator, Administrator
Command Modes
Exec > ACS Configuration > Rulebase Configuration
active-charging service service_name > rulebase rulebase_name
Entering the above command sequence results in the following prompt:
[local]
host_name
(config-rule-base)#
Syntax Description
firewall no-ruledef-matches { downlink | uplink } action { deny [ charging-action charging_action_name
] | permit [ bypass-nat | nat-realm nat_realm_name ] }
default firewall no-ruledef-matches { downlink | uplink } action
default
Configures the default action for packets with no Stateful Firewall ruledef match.
downlink | uplink
Specifies the packet type:
• downlink: Downlink (from network to subscriber) packets with no Stateful Firewall ruledef match.
Default: deny
• uplink: Uplink (from subscriber to network) packets with no Stateful Firewall ruledef match.
Default: permit
Command Line Interface Reference, Modes A - B, StarOS Release 19
660
ACS Rulebase Configuration Mode Commands
firewall no-ruledef-matches