Specifications
FIREWALL-POLICY 14 - 25
Following is the firewall policy ‘test’ settings after the ‘no’ command is executed:
rfs6000-380649(config-fw-policy-test)#no ip dos fraggle
rfs6000-380649(config-fw-policy-test)#no dhcp-offer-convert
rfs6000-380649(config-fw-policy-test)#no logging malformed-packet-drop
rfs6000-380649(config-fw-policy-test)#no flow timeout icmp
rfs6000-380649(config-fw-policy-test)#no flow timeout other
rfs6000-380649(config-fw-policy-test)#no logging verbose
rfs6000-380649(config-fw-policy-test)#no logging icmp-packet-drop
rfs6000-380649(config-fw-policy-test)#show context
firewall-policy test
no ip dos fraggle
no ip dos tcp-sequence-past-window
ip dos tcp-max-incomplete high 600
ip dos tcp-max-incomplete low 60
ip-mac conflict drop-only
ip-mac routing conflict log-and-drop log-level notifications
flow timeout udp 10000
flow timeout tcp established 1500
dns-snoop entry-timeout 35
rfs6000-380649(config-fw-policy-test)#
Related Commands
alg Configures algorithms used with a firewall policy
clamp Limits the TCP MSS to the MTU value of the inner protocol for tunneled packets
dhcp-offer-convert Enables the conversion of broadcast DHCP offer packets to unicast
dns-snoop Configures the DNS snoop table entry timeout
firewall Enables firewalls
flow Configures firewall flows
ip Configures IP settings
ip-mac Defines actions based on the device IP MAC table
logging Configures firewall logging
proxy-arp Enables the generation of ARP responses on behalf of other devices
stateful-packet-inspection-
12
Enables layer 2 stateful packet inspection
storm-control Configures storm control
virtual-defragmentation Configures the virtual defragmentation of packets at the firewall level