[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Stateful Firewall Filter Actions

Table 70 and Table 75 list actions you can specify in stateful firewall filter terms.

Table 70: Stateful Firewall Filter Actions

Actions

Description

accept

Accepts the packet and send it to its destination.

allow-ip-options [ values ]

Accepts the packet if the IP Option header of the packet contains a value that matches one of the specified values. If this action is not included, only packets without IP options are accepted. This action can be specified only with the accept action.

You can specify the IP option as text or a numeric value: any (0), ip-security (130), ip-stream (8), loose-source-route (3), route-record (7), router-alert (148), strict-source-route (9), and timestamp (4).

discard

Does not accept the packet, and do not process it further.

reject

Does not accept the packet, and sends a rejection message. UDP sends an ICMP unreachable code and RCP sends RST. Rejected packets can be logged or sampled.

syslog

Records information in the system logging facility. This action can be used with all options except discard.

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

[an error occurred while processing this directive]