Install guide
68 Firewall Enhancements Release Note
Software Version 2.7.5
C613-10454-00 REV A
disable firewall policy debug
Syntax DISable FIREwall POLIcy[=policy-name]
DEBug={ALL|ARP|HTTP|PACKET|PKT|PROCESS|PROXY|SMTP|
RADius|TCP|UPNP|SIPAlg}
[DEBUGMode={ALL|ERRORcode|MESSage|PARSing|TRAce}]
Description The new sipalg option on the debug parameter specifies that SIP ALG
debugging is disabled.
The new debugmode parameter specifies one or more modes of SIP ALG
debugging to be disabled. You can specify a single mode or a comma-separated
list of modes. See Table 19 on page 69 for a description of each option. This
parameter is only valid when debug=sipalg. The default is all.
Examples To stop displaying how the firewall modifies SIP messages processed by the
voip policy, use the command:
dis fire poli=voip deb=sipa debugm=pars
enable firewall policy
Syntax ENAble FIREwall POLIcy=policy-name [ACCounting]
[FRAgment={ICMP|UDP|OTHER}[,...]]
[ICMP_Forwarding={ALL|PARAmeter|PING|SOURcequench|TIMEE
xceeded|TIMEStamp|UNREachable}]
[LOG={ALLOw|DENY|DENYDump|EVERYDeny|INAIcmp|INALlow|
INAOther|INATcp|INAUdp|INDDIcmp|INDDOther|INDDTcp|
INDDUdp|INDDump|INDEny|INDIcmp|INDOther|INDTcp|INDUdp|
OUTAIcmp|OUTAllow|OUTAOther|OUTATcp|OUTAUdp|OUTDDIcmp|
OUTDDOther|OUTDDTcp|OUTDDUdp|OUTDDump|OUTDEny|OUTDIcmp|
OUTDOther|OUTDTcp|OUTDUdp|SIPAlg}]
[OPtions={ALL|RECord_route|SECUrity|SOURcerouting|TIMES
tamp}] [PING]
where policy-name is a string 1 to 15 characters long. Valid characters are
uppercase and lowercase letters, digits and the underscore character.
Description The new sipalg option on the log parameter enables the firewall to produce log
messages when SIP ALG operations and errors occur.