Support User Manuals

Enterasys Networks XSR CLI Router User Manual

Open as PDF

of 684

Firewall Feature Set Commands

XSR CLI Reference Guide 16-121

Syntax

ip firewall logging event-threshold 0-7

Syntax of the “no” Form

Thenoformofthiscommandsetsfirewallloggingtothedefaultvalue:

no ip firewall logging event-threshold

Default

Level3‐Alldeniesandseriesfaultsarelogged

Mode

Globalconfiguration:XSR(config)#

Example

ThisexamplesetsfirewallloggingforallmessagesNoticelevel:

XSR(config)#ip firewall logging 5

ip firewall network

ThiscommanddefinesanetworkobjectspecifyinganetworkorhostIPaddressoraddressgroup

(baseandsubnetmaskorstartandendIPaddress)thatistaggedasinternalorexternal.Naminga

locationishelpfulinusingthisobjectforrulesindicatinganyinternal/externalnetwork.

Networkobjectsare

referencedbythenamewithinthepolicyandnetworkgroupobjects.Define

networkobjectsforinternalhostsandnetworks.Anameforanyfirewallobjectmustusethese

alpha‐numericcharactersonly:

A‐Z(upperorlowercase),0‐9,-(dash),or _(underscore).

event-

threshold

Eventsofseverityequaltoorlesserthanthes p ecifiedvaluelogasfollows:

• Level0:Emergency

• Level1:Alert

• Level2:Critical‐alarmssuchasfailuretoallocatememoryduringinitializiation

areloggedifsystemloggingisenabledandfirewallloggingissettolevel2

orhigher

• Level3:Error‐abnormal

anddenyalarmsareloggedifsystemloggingisset

atMEDIUMorHIGHandfirewallloggingislevel5orhigher

• Level4:Warning‐normalandpermitalarmsareloggedifsystemloggingis

setatLOWandfirewallloggingislevel4orhigher

• Level5:Notice

• Level6:Information

• Level7:Debug

previous next