The rule-set statement defines a collection of rules that determine what actions the packet gateway performs on packets in the data stream. You define each rule by specifying a rule name and configuring terms. Then, you specify the order of the rules by including the rule-set statement:
-
rule-set rule-set-name {
-
rule rule-name1;
-
rule rule-name2;
-
rule rule-name3;
- }
You can include this statement at the following hierarchy levels:
The packet gateway processes the rules in the order in which you specify them in the configuration. If a term in a rule matches the packet, the packet gateway performs the corresponding action and the rule processing stops. If no term in a rule matches the packet, processing continues to the next rule in the rule set. If none of the rules match the packet, the packet is dropped by default.