Digi TransPort User Manual page 577

pass-ifup
The
pass-ifup
firewall but only if the link is already active.
debug
The
debug
that for every matching rule that is encountered from this point in the script onwards, an entry
will be placed in the pseudo-file FWLOG.TXT.
dscp
The
dscp
according to this rule. The DSCP value of a packet indicates the type of service required and is
used in conjunction with QOS (Quality of Service) functions. A decimal or hex number must
follow the
vdscp
The
vdscp
DSCP value in a packet. The difference however is that this is a virtual change only which
means that the actual packet is not changed, and that the packet is processed as if it had the
DSCP value as indicated. Like the dscp action, a decimal or hex number must follow.
[in-out]
The
[in-out]
inbound or outbound packets. When the field is left blank the rule is applied to any packet
irrespective of its direction.
[options]
The
[options]
matching the rule. These are:
log
When the
processes a packet that matches the rule. This log will normally detail the rule that was
matched along with a summary of the packet contents. If the
body sub-option, the complete IP packet is entered into the
displayed, a more detailed decode of the IP packet is shown.
The
log
output. This may either be
If
snmp
generated when a packet matches the rule.
If
syslog
This message will contain the same information as that entered into the log file, but in a
different format.
If the
body
Note that the size of the syslog message is limited to the maximum of 1024 bytes. The syslog
message is sent with default priority value of 14, which expands out to facility of USER, and
priority INFO.
If
event
the FWLOG.TXT file. The event log entry will contain the line number and hit count for the rule
that caused the packet to be logged.
Digi TransPort User Guide
action allows outbound packets that match the rule to pass through the
action causes the unit to tag any packets matching the rule for debug. This means
action causes any packets matching this rule to have its DSCP value adjusted
keyword to indicate the value that should be set.
dscp
action is very similar to the
field can be in or out and is used to specify whether the action applies to
field is used to define a number of options that may be applied to packets
option is specified, the unit will place an entry in the FWLOG.TXT file each time it
log
field may also be followed by a further sub-option that specifies a different type of log
snmp
is specified an SNMP trap (containing similar information to the normal log entry), is
is specified, a syslog message is sent to the configured syslog manager IP address.
option has also been specified, some of the IP packet information is also included.
is specified the log output will be copied to the EVENTLOG.TXT pseudo-file as well as
action as described above in that it adjusts the
dscp
, or
.
syslog event
option is followed by the
log
file so that when the log file is
log
577