Operation Manual

VigorNIC 132 Series User’s Guide
243
S
S
y
y
n
n
t
t
a
a
x
x
ipf set [Options]
ipf set [SET_NO] rule [RULE_NO] [Options]
S
S
y
y
n
n
t
t
a
a
x
x
D
D
e
e
s
s
c
c
r
r
i
i
p
p
t
t
i
i
o
o
n
n
Parameter Description
Options There are several options provided here, such as -v, -c [SET_NO], -d
[SET_NO],… and etc.
SET_NO It means to specify the index number (from 1 to 12) of filter set.
RULE_NO It means to specify the index number (from 1 to 7) of filter rule set.
-v Type “-v” to view the configuration of general set.
-c [SET_NO] It means to setup Call Filter, e.g., -c 2. The range for the index
number you can type is “0” to “12” (0 means “disable).
-d [SET_NO] It means to setup Data Filter, e.g., -d 3. The range for the index
number you can type is “0” to “12” (0 means “disable).
-l [VALUE] It means to setup Log Flag, e.g., -l 2
Type “0” to disable the log flag.
Type “1” to display the log of passed packet.
Type “2” to display the log of blocked packet.
Type “3” to display the log of non-matching packet.
- p [VALUE] It means to setup actions for packet not matching any rule, e.g., -p
1
Type “0” to let all the packets pass;
Type “1” to block all the packets.
-R <v4/v6> <Enable/Disable> Accept routing packet from WAN.
i.e: -R "v4 0" : Set Accept routing packet from WAN by IPv4 is enable
i.e: -R "v4 1" : Set Accept routing packet from WAN by IPv6 is disable
i.e: -R "v6 0" : Set Accept routing packet from WAN by IPv4 is enable
i.e: -R "v6 1" : Set Accept routing packet from WAN by IPv6 is disable
-L [VALUE] Enable/Disable Strict Security Firewall.
VALUE : 0:Disable, 1:Enable.
-C[ VALUE] Setup code page.
VALUE : code page number ('?' for more information).
-U [URL_NO] It means to configure URL content filter for the packets not
matching with any rule, e.g., -U 1
Type “0” to let all the packets pass;
Type “1” to block all the packets.
-a [AD_SET] It means to configure the advanced settings.
-f [VALUE] It means to accept large incoming fragmented UDP or ICMP packets.
VALUE : 0:Disable, 1:Enable
-E [VALUE] It means to set the maximum count (0-10000) for session limitation.
-Q [VALUE] It means to set the QoS class.
VALUE: the value from 0 to 4.
0:None, 1:Class 1, 2:Class 2, 3:Class 3, 4:Default Class
E
E
x
x
a
a
m
m
p
p
l
l
e
e
> ipf set -c 1 #set call filter start from set 1