Install guide
Software Version 2.7.6
C613-10462-00 REV A
show firewall policy
Syntax SHow FIREwall POLIcy[=policy-name] [COUnter] [SUMmary]
Description This command displays firewall policy settings (Figure 16, Table 8).
Figure 16: Example output from the show firewall policy command for a policy that uses interface-based ENAPT
Policy : example
  TCP Timeout (s) ................... 3600
  UDP Timeout (s) ................... 1200
  Other Timeout (s) ................. 1200
  ICMP Unreachable Timeout (s) ...... 0
  TCP Handshake Timeout Mode ........ Normal
  MAC Cache Timeout (m) ............. 1440
  RADIUS Limit ...................... 100
  Accounting ........................ disabled
  Enabled Logging Options ........... none
  Enabled Debug Options ............. none
  Enabled Debug Modes ............... none
  Enabled Debug IP Address .......... none
  Identification Protocol Proxy ..... enabled
  Enabled IP options ................ none
  Enhanced Fragment Handling ........ none
  Enabled ICMP forwarding ........... none
  Receive of ICMP PINGS ............. enabled
  Number of Notifications ........... 0
  Number of Deny Events ............. 0
  Number of Allow Events ............ 0
  Number of Active TCP Opens ........ 0
  Number of Active Sessions ......... 0
  Cache Hits ........................ 0
  Discarded ICMP Packets ............ 0
  SMTP Domain ....................... not set
  FTP Data Port ..................... RFC enforced
  TCP Setup Proxy ................... enabled
  UPNP .............................. disabled
    WAN interfaces .................. none
    LAN interfaces .................. none
    Maximum port maps ............... 250
  SIP ALG ........................... disabled
  Private Interface : vlan2
    Trust Private ................... yes
  Public Interface : vlan3
    Method .......................... dynamic
    NAT ............................. enapt
      Method ........................
      Private Interface ............. vlan2
      Global IP ..................... 192.168.2.3
Table 8: New and changed parameters in output of the show firewall policy command

Parameter                   Meaning
ICMP Unreachable Timeout    The number of seconds before the firewall deletes a session after it receives an ICMP unreachable message for that session.
NAT                         The type of network address translation that the policy performs. If the policy performs ENAPT, “enapt” is displayed.
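
Added example, not part of the original guide: a Python parser for the output format shown in Figure 16 that pulls out the two fields Table 8 documents, the ICMP unreachable timeout and the NAT type on each public interface. The function names and the embedded sample (a subset of Figure 16) are assumptions of this example, and every field after a NAT line is treated as part of that NAT entry until the next interface header.

```python
import re
# Subset of the Figure 16 output, as it appears on the page (indentation lost)
SAMPLE = """\
Policy : example
ICMP Unreachable Timeout (s) ...... 0
Private Interface : vlan2
Trust Private ................... yes
Public Interface : vlan3
Method .......................... dynamic
NAT ............................. enapt
Method ........................
Private Interface ............. vlan2
Global IP ..................... 192.168.2.3
"""
HEADER = re.compile(r"^(Policy|Private Interface|Public Interface)\s*:\s*(\S+)$")
FIELD = re.compile(r"^(.+?)\s*\.{3,}\s*(.*)$")  # "name ..... value", value may be empty

def parse_policy(text):
    """Parse one policy's output into nested dicts; indentation is not relied on."""
    policy = {"name": None, "settings": {}, "private": {}, "public": {}}
    section, nat = policy["settings"], None
    for line in (raw.strip() for raw in text.splitlines()):
        header = HEADER.match(line)
        if header:                       # "Policy : x" or "... Interface : x"
            kind, value = header.groups()
            nat = None
            if kind == "Policy":
                policy["name"], section = value, policy["settings"]
            else:
                side = "private" if kind.startswith("Private") else "public"
                section = policy[side].setdefault(value, {})
            continue
        field = FIELD.match(line)
        if not field:
            continue                     # blank or unrecognised line
        key, value = field.group(1), field.group(2).strip() or None
        if key == "NAT":                 # starts a NAT entry on this interface
            nat = {"type": value}
            section.setdefault("nat", []).append(nat)
        elif nat is not None:            # Method / Private Interface / Global IP
            nat[key] = value
        else:
            section[key] = value
    return policy

def nat_entries(policy):
    """List (public_if, nat_type, private_if, global_ip) for every NAT entry."""
    return [(name, n["type"], n.get("Private Interface"), n.get("Global IP"))
            for name, cfg in policy["public"].items() for n in cfg.get("nat", [])]
```

A field whose value is missing from the output, such as the NAT entry's Method line in Figure 16, is stored as None instead of being guessed.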