Command Reference Guide

3Com Router 3000 Ethernet Family

Chapter 4 Firewall Configuration Commands

3Com Corporation

4-16

Parameter

aspf-policy-number: ASPF policy number used on the interface.

inbound: Applies ASPF policy in inbound direction of the interface.

outbound: Applies ASPF policy in outbound direction of the interface.

Description

Use the firewall aspf command to apply ASPF policy in specified direction to an

interface.

Use the undo firewall aspf command to delete the applied ASPF policy on the

interface.

There are two concepts in ASPF: inbound interface and outbound interface. If the

router connects with both intranet and internet, and uses ASPF to protect the servers of

intranet, the router interface connected with intranet is regarded as inbound interface

and that connected with internet is regarded as outbound interface.

When ASPF is applied on outbound interface, ASPF will refuse the access of intranet

from internet users, but the returning packets of intranet users accessing internet can

pass the detection of ASPF.

Example

# Configure ASPF firewall function in outbound direction of the interface ethernet1/0/0.

[3Com-Ethernet1/0/0] firewall aspf 1 outbound

4.2.11 log enable

Syntax

log enable

undo log enable

View

ASPF policy view

Description

Use the log enable command to enable ASPF session logging function.

Use the undo log enable command to disable logging function.

By default, session logging function is disabled.

ASPF provides enhanced session logging function, which can log all connections,

including connection time, source address, destination address, port in use and

transmitted bytes number.