Install guide

Software Version 2.9.1
C613-10486-00 REV C
Example To limit all devices on the interface vlan2 to a maximum of 12 active sessions
per device, using the policy named “AT_Field”, use the command:
add fire poli=AT_Field lim=1 int=vlan2 srci=12
create trigger
Syntax CREate TRIGger=trigger-id
FIREwall={ALL|DOSattack|FRAgattack|HOStscan|PORtscan|
SESSION|SIPAutomax|SMTPATTACK|SMUrfattack|SYNattack|
TCPattack} [MODE={STArt|END|BOTH}] [AFTer=hh:mm]
[BEFore=hh:mm] [{DAte=date|DAYs=day-list}] [NAMe=name]
[REPeat={Yes|No|ONCe|FORever|count}]
[SCript=filename...] [STAte={ENAbled|DIsabled}]
[TEST={YES|NO|ON|OFF|True|False}]
Description This command creates a new trigger for the firewall and defines events and
conditions that activate it.
Example To create trigger 6, which activates the script file fwsipmax.scp when the SIP
ALG has reached the limit of SIP clients it is configured to support in automatic
mode, use the command:
cre trig=6 fire=sipa mode=sta sc=fwsipmax.scp
Parameter Description
GBLRemoteip IP address of the public device or range of devices you are limiting
the sessions for. Devices must be on the public side of the firewall.
The IP address is specified using dotted decimal notation.
Default: all public devices
SRCIplimit Number of sessions matching this rule that each device is allowed.
Default: 0 (no limit set)
Firewall Event Description
SIPAutomax This trigger activates when the SIP ALG reaches the limit for the
number of SIP clients it can support in automatic mode. After this
trigger is first activated, further triggers are rate limited to once
every 20 minutes. The trigger will not activate again until at least
20 minutes have passed in which the limit is not exceeded.
Note that the firewall policy and source IP address script parameters
are not valid for this type of event. You can set the mode parameter
only to start for this trigger.
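
The following Python sketch is an added example, not part of the original guide or the vendor's software. It expands an abbreviated create trigger line to full keywords for configuration review and flags a SIPAutomax trigger whose mode is not start. It assumes the capital letters in the syntax above mark each keyword's shortest accepted abbreviation; the names expand and lint_trigger are hypothetical.

```python
import re

# Keywords copied from the CREATE TRIGGER syntax above. Assumption: the capital
# letters in each keyword are its shortest accepted abbreviation.
PARAMS = ["TRIGger", "FIREwall", "MODE", "AFTer", "BEFore", "DAte", "DAYs",
          "NAMe", "REPeat", "SCript", "STAte", "TEST"]
EVENTS = ["ALL", "DOSattack", "FRAgattack", "HOStscan", "PORtscan", "SESSION",
          "SIPAutomax", "SMTPATTACK", "SMUrfattack", "SYNattack", "TCPattack"]
MODES = ["STArt", "END", "BOTH"]
VALUES = {"FIREWALL": EVENTS, "MODE": MODES}  # parameters with keyword values


def expand(word, keywords):
    """Return the upper-cased keyword that `word` abbreviates, or None."""
    w = word.upper()
    for kw in keywords:
        shortest = re.match(r"[A-Z]+", kw).group()
        if len(w) >= len(shortest) and kw.upper().startswith(w):
            return kw.upper()
    return None


def lint_trigger(command):
    """Expand one firewall CREATE TRIGGER line; return (canonical, problems)."""
    tokens = command.split()
    if len(tokens) < 2 or expand(tokens[0], ["CREate"]) is None:
        return None, ["not a CREATE TRIGGER command"]
    pairs, problems = [], []  # a list keeps order and repeated SCRIPT= entries
    for tok in tokens[1:]:
        key, _, value = tok.partition("=")
        name = expand(key, PARAMS)
        if name is None:
            problems.append(f"unknown parameter: {key}")
            continue
        if name in VALUES:
            full = expand(value, VALUES[name])
            if full is None:
                problems.append(f"invalid {name} value: {value}")
            value = full or value
        pairs.append((name, value))
    args = dict(pairs)
    if "TRIGGER" not in args:
        problems.append("missing TRIGGER=trigger-id")
    # Rule stated on this page: a SIPAutomax trigger accepts MODE=START only.
    if args.get("FIREWALL") == "SIPAUTOMAX" and args.get("MODE", "START") != "START":
        problems.append("SIPAUTOMAX trigger: MODE may only be START")
    canonical = "CREATE " + " ".join(f"{k}={v}" for k, v in pairs)
    return canonical, problems
```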