User's Manual

ManualsBrandsZyXEL ManualsSoftwareCommunications Network Router NOT AVAILABLE

131

132

133

134

135

136

137

138

139

140

Chapter 20 Application Patrol

NXC CLI Reference Guide

131

20.2.3.1 Exception Rule Sub-commands

The following table describes the sub-commands for several application patrol exception rule

commands. Note that not all rule commands use all the sub-commands listed here.

20.2.4 Other Application Commands

This table lists the commands for other applications in application patrol.

Table 66 app patrol exception rule Sub-commands

COMMAND DESCRIPTION

access {forward | drop | reject} Specifies the action when traffic matches the rule.

[no] action-block

{login|message|audio|video|file-transfer}

Blocks use of a specific feature.

[no] activate Turns on this rule. The no command turns off this

rule.

bandwidth {inbound | outbound}

<0..1048576>

Limits inbound or outbound bandwidth, in kilobits

per second. 0 disables bandwidth management for

traffic matching this rule.

[no] bandwidth excess-usage Enables maximize bandwidth usage to let the traffic

matching this policy “borrow” any unused

bandwidth on the out-going interface.

bandwidth priority <1..7> Set the priority for traffic that matches this rule. The

smaller the number, the higher the priority.

[no] destination address_object Adds the specified destination address to the rule.

[no] from zone_name Specifies the source zone.

[no] inbound-dscp-mark {<0..63> | class

{default | dscp_class}}

This is how the NXC handles the DSCP value of

the outgoing packets to a connection’s initiator that

match this policy.

Enter a DSCP value to have the NXC apply that

DSCP value. Set this to the class default to have

the NXC set the DSCP value to 0.

[no] log [alert] Creates log entries (and alerts) for traffic that

matches the rule. The

no command does not

create any log entries.

[no] outbound-dscp-mark {<0..63> | class

{default | dscp_class}}

This is how the NXC handles the DSCP value of

the outgoing packets from a connection’s initiator

that match this policy.

Enter a DSCP value to have the NXC apply that

DSCP value. Set this to the class default to have

the NXC set the DSCP value to 0.

port <0..65535> Specifies the destination port. 0 means any.

[no] schedule schedule_name Adds the specified schedule to the rule.

show Displays the rule’s configuration

[no] source address_object Adds the specified source address to the rule.

[no] to zone_name Specifies the destination zone.

[no] user username Adds the specified user to the rule.

Table 67 app Commands: Other Applications

COMMAND DESCRIPTION

app other {del | forward | drop | reject} Specifies the default action for other applications.