Product specifications

Efficient Networks® Router family
Technical Reference Guide
Chapter 5: System Security
Rule Modification
To modify a previously entered rule, use the following command structure:
-> firewall modify <allow | deny> <number> <parameters>
When modifying the rule, it is not necessary to enter the parameters that will not be
modified. The firewall rule number can be viewed by using the firewall list command.
For example, to change the source port of the following rule (#16):
16. firewall allow -p tcp -sp 161 -da 121.168.2.109 -c 0 -q -d out
Only the following parameters are required:
-> firewall modify allow 16 -sp 168
The following parameters can be used to modify an existing firewall rule:
NOTE:
If a firewall rule is modified to deny something that was previously allowed by a
firewall allow rule, the change will only apply to subsequent sessions; current
sessions will not be affected. When modifying a rule to allow what was previously
denied, the changes will be in effect for current sessions.
allow | deny - This parameter identifies the list to which the firewall rule belongs.
number - This is the number corresponding to the rule that needs to be modified.
-> firewall modify allow 7 -ac deny
parameters - The following paragraphs identify the <parameter>s for modification:
Action - Changes the action taken on the packet when the rule is matched.
The rule will move from one allow | deny rules list to the other list. This parameter
must be preceded by -ac.
-ac allow | deny
Protocol - Redefines the protocol a packet must have to match the rule.
-p <protocol> | tcp | udp | icmp | <protocol number>
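The following is an added example, not part of the original guide or the router firmware: a Python helper for change review that previews the rule a firewall modify command would leave behind, merging only the supplied parameters and reporting the session behavior from the NOTE above. The function names are hypothetical, rule 7 is a constructed sample, and the parser assumes a parameter value never begins with "-".

```python
import shlex

# Rule 16 is the rule shown in this guide; rule 7 is a constructed sample.
RULE_16 = "16. firewall allow -p tcp -sp 161 -da 121.168.2.109 -c 0 -q -d out"
RULE_7 = "7. firewall allow -p udp -sp 161 -d out"

def parse_params(tokens):
    """Turn ['-p', 'tcp', '-q'] into {'-p': 'tcp', '-q': None}, keeping order."""
    params, i = {}, 0
    while i < len(tokens):
        flag = tokens[i]
        if not flag.startswith("-"):
            raise ValueError(f"expected a flag, got {flag!r}")
        has_value = i + 1 < len(tokens) and not tokens[i + 1].startswith("-")
        params[flag] = tokens[i + 1] if has_value else None
        i += 2 if has_value else 1
    return params

def parse_rule(line):
    """Parse a 'firewall list' entry such as '16. firewall allow -p tcp ...'."""
    tok = shlex.split(line)
    if len(tok) < 3 or tok[1] != "firewall" or tok[2] not in ("allow", "deny"):
        raise ValueError("not a firewall rule line")
    return int(tok[0].rstrip(".")), tok[2], parse_params(tok[3:])

def preview_modify(rule_line, command):
    """Return (list, params, session_note) the rule would have after the modify."""
    number, rule_list, params = parse_rule(rule_line)
    tok = shlex.split(command.removeprefix("->").strip())
    if tok[:2] != ["firewall", "modify"] or len(tok) < 4:
        raise ValueError("not a firewall modify command")
    if tok[2] != rule_list or int(tok[3]) != number:
        raise ValueError("command does not address this rule")
    changes = parse_params(tok[4:])
    new_list = changes.pop("-ac", rule_list)  # -ac moves the rule between lists
    if new_list not in ("allow", "deny"):
        raise ValueError("-ac must be allow or deny")
    merged = {**params, **changes}  # parameters not supplied keep their values
    note = "no action change"
    if (rule_list, new_list) == ("allow", "deny"):
        note = "applies to subsequent sessions only"
    elif (rule_list, new_list) == ("deny", "allow"):
        note = "in effect for current sessions"
    return new_list, merged, note
```

Only the -ac case of the NOTE is modeled; narrowing an allow rule's other parameters is not classified.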