firewall-policy-commands

The following table summarizes the default firewall policy configuration commands:
Table 1. Firewall-Policy Config Mode Commands
Command Description
acl-logging Enables logging on flow creating traffic
alg Enables an algorithm
clamp Sets a clamp value to limit TCP MSS to inner path-MTU for tunneled packets
dhcp-offer-convert Enables the conversion of broadcast DHCP offers to unicast
dns-snoop Sets the timeout value for DNS entries
firewall Configures the wireless firewall
flow Defines a session flow timeout
ip Configures IP components on this firewall policy
ip-mac Defines an action based on IP-MAC table
ipv6 Configures IPv6 components on this firewall policy
ipv6-mac Defines an action based on IPv6-MAC table
logging Enables enhanced firewall logging
proxy-arp Enables the generation of ARP responses on behalf of another device
proxy-nd Enables the generation of ND responses (for IPv6) on behalf of another device
stateful-packet-inspection-12 Enables stateful packets-inspection in layer 2 firewall
storm-control Defines storm control and logging settings
virtual-defragmentation Enables virtual defragmentation of IPv4 packets
no Negates a command or reverts settings to their default
Note

Note

For more information on common commands (clrscr, commit, help, revert, service, show, write, and exit), see Common Commands.
Note

Note

The input parameter <HOSTNAME>, wherever used in syntaxes across this chapter, cannot include an underscore (_) character. In other words, the name of a device cannot contain an underscore.