security firewall name <name> rule <rule-number> session application firewall <app-firewall>
Specify match by application firewall for a firewall rule within a session.
- name
- The name of a firewall rule set.
- rule-number
- The numeric identifier of a rule. The identifier ranges from 1 through 9999.
- app-firewall
- Matches packets by application firewall. The name of the application firewall is configured by using the security application firewall name command.
Configuration mode
security {
firewall {
name name {
rule rule-number {
session {
application {
firewall app-firewall
}
}
}
}
}
}
Use the set form of this command to specify the application firewall to run for a firewall rule within a session.
When this rule is matched, a session will be created and the named application firewall will be run. The application firewall will return either a "match" or "no-match". If "match" is returned, then packets are forwarded for the session, otherwise they are dropped. Note the packets will be forwarded until the DPI function has decided it has enough information to determine the application name.
Use the delete form of this command to delete the application firewall to run for a firewall rule within a session.
Use the show form of this command to display the application firewall for a firewall rule within a session.