Table of Contents
Advertisement
Example
The following example blocks the host when the sync packets exceed 1000 packets per second:
XSR(config-if<F2>)#ip firewall sync-attack-protect block-host threshold 1000
Firewall Show Commands
show ip firewall config
Since the firewall is configured in a two‐step process, the XSR provides a means to view the un‐
committed configuration. This command displays the firewall configuration combining existing
commands with those entered recently, which permits a view of the complete firewall
configuration with modifications.
If no firewall commands were executed since the last load then the running configuration will be
displayed.
If this command is issued after the firewall commands were entered but before a firewall load was
performed, the following text appears:
Uncommitted Firewall Configuration:
If the command is issued after a firewall load was performed, the following text appears:
Committed Firewall Configuration:
Syntax
show ip firewall config
Mode
EXEC or Privileged EXEC Mode:
Sample Output
The following is sample output of the command:
Firewall configuration
Modified but not loaded: Yes
Ip firewall network dmz 220.150.2.16/28 internal
Ip firewall network private 220.150.2.32/28 internal
!
! Log only critical events
!
ip firewall system event-threshold 3
!
! Policies: between private and dmz
!
Ip firewall policy private dmz HTTP allow
Ip firewall policy dmz private HTTP allow
Ip firewall policy private dmz SMTP allow
XSR>
or
XSR#
Firewall Show Commands
XSR CLI Reference Guide 16-133
Advertisement
Table of Contents
