Defining An Aspf Policy - 3Com 3C13636 Configuration Manual

3Com Router 3000 Ethernet Family
Configuration Guide
Table 6-8 Configure ACL
Configure ACL (in ACL view)
Apply ACL to external interface (in
interface view)

6.3.3 Defining an ASPF Policy

Define an ASPF policy according to the following steps:
Create an ASPF policy
Configure aging-time value
Configure application layer protocol detection
Configure general TCP or UDP detection
I. Creating an ASPF policy
Perform the following configuration in system view.
Table 6-9 Create an ASPF policy
Create an ASPF policy and enter its view
Delete the created ASPF policy
The aspf-policy-number argument ranges from 1 to 99.
II. Configuring aging-time value
Perform the following configuration in ASPF policy view.
Table 6-10 Configure aging-time value
Configure aging-time value
Restore the default aging-time value
This task is used to configure waiting timeout value in SYN state and FIN state of TCP,
free timeout value of TCP and UDP session entries. The default timeout time of syn, fin,
tcp and udp are 30s, 5s, 3600s and 30s respectively.
Operation
Operation
Operation
3Com Corporation
6-12
Chapter 6 Firewall Configuration
Command
rule deny
firewall packet-filter
inbound
Command
aspf-policy aspf-policy-number
undo aspf-policy aspf-policy-number
Command
aging-time { syn | fin | tcp | udp }
seconds
undo aging-time { syn | fin | tcp | udp }
acl-num