Release Note для Cisco Cisco Packet Data Gateway (PDG)
Firewall Changes in Release 15.0
Firewall Enhancements for September 30, 2013 ▀
Cisco ASR 5x00 Release Change Reference ▄
195
Firewall Command Changes as of September 30, 2013
This section provides information on Firewall command changes in release 15.0.
Important:
For more information regarding commands in this section, refer to the Command Line Interface
Reference for this release.
New Firewall Commands
This section identifies new Firewall commands available in release 15.0.
firewall dos-protection flooding
This command is configured to protect servers from mobile subscribers in uplink direction.
configure
active-charging service acs_service_name
firewall dos-protection flooding { { icmp | tcp-syn | udp } protect-servers { all |
host-pool hostpool_name } packet limit packet_limit | inactivity-timeout timeout |
uplink-sample-interval interval }
host-pool hostpool_name } packet limit packet_limit | inactivity-timeout timeout |
uplink-sample-interval interval }
default firewall dos-protection flooding { icmp | tcp-syn | udp | inactivity-
timeout | uplink-sample-interval }
timeout | uplink-sample-interval }
no firewall dos-protection flooding { icmp | tcp-syn | udp }
end
ip server-ip-address
This command configures an access ruledef to analyze user traffic based on server IP address.
configure
active-charging service acs_service_name
access-ruledef access_ruledef_name
[ no ] ip server-ip-address { operator { ipv4/ipv6_address | ipv4/ipv6_address/mask
} | { !range | range } host-pool host_pool_name }
} | { !range | range } host-pool host_pool_name }
end
sip advanced
This command enables SIP ALG to maintain the same tag parameters (from and to tag) for Authorization or Proxy
Authentication requests.
Authentication requests.
configure