Usage

[Contents] [Prev] [Next] [Index] [Report an Error]

Tag Elements Beginning with F > <from> (configuration/logical-systems/firewall/filter/term)
Usage

<configuration> <logical-systems> <firewall> <filter> <term> <from> <destination-class>...</destination-class> <destination-class-except>...</destination-class-except> <source-class>...</source-class> <source-class-except>...</source-class-except> <interface-group>...</interface-group> <interface-group-except>...</interface-group-except> <source-address>...</source-address> <destination-address>...</destination-address> <address>...</address> <source-prefix-list>...</source-prefix-list> <destination-prefix-list>...</destination-prefix-list> <prefix-list>...</prefix-list> <packet-length>...</packet-length> <packet-length-except>...</packet-length-except> <precedence>...</precedence> <precedence-except>...</precedence-except> <dscp>...</dscp> <dscp-except>...</dscp-except> <ip-options>...</ip-options> <ip-options-except>...</ip-options-except> <is-fragment/> <first-fragment/> <service-filter-hit/> <fragment-offset>...</fragment-offset> <fragment-offset-except>...</fragment-offset-except> <fragment-flags>fragment-flags</fragment-flags> <protocol>...</protocol> <protocol-except>...</protocol-except> <ttl>...</ttl> <ttl-except>...</ttl-except> <icmp-type>...</icmp-type> <icmp-type-except>...</icmp-type-except> <icmp-code>...</icmp-code> <icmp-code-except>...</icmp-code-except> <source-port>...</source-port> <source-port-except>...</source-port-except> <destination-port>...</destination-port> <destination-port-except>...</destination-port-except> <port>...</port> <port-except>...</port-except> <tcp-initial/> <tcp-established/> <tcp-flags>tcp-flags</tcp-flags> <esp-spi>...</esp-spi> <esp-spi-except>...</esp-spi-except> <ah-spi>...</ah-spi> <ah-spi-except>...</ah-spi-except> <interface>...</interface> <interface-set>...</interface-set> <forwarding-class>...</forwarding-class> <forwarding-class-except>...</forwarding-class-except> <loss-priority>...</loss-priority> <loss-priority-except>...</loss-priority-except> </from> </term> </filter> </firewall> </logical-systems> </configuration>

Description

Define match criteria.

Contents

<address>—Match IP source or destination address.

<ah-spi>—Match IPSec AH SPI value.

<ah-spi-except>—Do not match IPSec AH SPI value.

<destination-address>—Match IP destination address.

<destination-class>—Match destination class.

<destination-class-except>—Do not match destination class.

<destination-port>—Match TCP/UDP destination port.

<destination-port-except>—Do not match TCP/UDP destination port.

<destination-prefix-list>—Match IP destination prefixes in named list.

<dscp>—Match Differentiated Services (DiffServ) code point.

<dscp-except>—Do not match Differentiated Services (DiffServ) code point.

<esp-spi>—Match IPSec ESP SPI value.

<esp-spi-except>—Do not match IPSec ESP SPI value.

<first-fragment>—Match if packet is the first fragment.

<forwarding-class>—Match forwarding class.

<forwarding-class-except>—Do not match forwarding class.

<fragment-flags>—Match fragment flags (in symbolic or hex formats).

<fragment-offset>—Match fragment offset.

<fragment-offset-except>—Do not match fragment offset.

<icmp-code>—Match ICMP message code.

<icmp-code-except>—Do not match ICMP message code.

<icmp-type>—Match ICMP message type.

<icmp-type-except>—Do not match ICMP message type.

<interface>—Match interface name.

<interface-group>—Match interface group.

<interface-group-except>—Do not match interface group.

<interface-set>—Match interface in set.

<ip-options>—Match IP options.

<ip-options-except>—Do not match IP options.

<is-fragment>—Match if packet is a fragment.

<loss-priority>—Match Loss Priority.

<loss-priority-except>—Do not match Loss Priority.

<packet-length>—Match packet length.

<packet-length-except>—Do not match packet length.

<port>—Match TCP/UDP source or destination port.

<port-except>—Do not match TCP/UDP source or destination port.

<precedence>—Match IP precedence value.

<precedence-except>—Do not match IP precedence value.

<prefix-list>—Match IP source or destination prefixes in named list.

<protocol>—Match IP protocol type.

<protocol-except>—Do not match IP protocol type.

<service-filter-hit>—Match if service-filter-hit is set.

<source-address>—Match IP source address.

<source-class>—Match source class.

<source-class-except>—Do not match source class.

<source-port>—Match TCP/UDP source port.

<source-port-except>—Do not match TCP/UDP source port.

<source-prefix-list>—Match IP source prefixes in named list.

<tcp-established>—Match packet of an established TCP connection.

<tcp-flags>—Match TCP flags (in symbolic or hex formats).

<tcp-initial>—Match initial packet of a TCP connection.

<ttl>—Match IP ttl type.

<ttl-except>—Do not match IP ttl type.

[Contents] [Prev] [Next] [Index] [Report an Error]