Vyatta NOS documentation


security firewall name <name> rule <rule-number> session application firewall <app-firewall>

Specify match by application firewall for a firewall rule within a session.

set security firewall name <name> rule <rule-number> session application firewall <app-firewall>
delete security firewall name <name> rule <rule-number> session application firewall <app-firewall>
show security firewall name <name> rule <rule-number> session application firewall
name
The name of a firewall rule set.
rule-number
The numeric identifier of a rule. The identifier ranges from 1 through 9999.
app-firewall
Matches packets by application firewall. The name of the application firewall is configured by using the security application firewall name command.

Configuration mode


security {
    firewall {
        name <name> {
            rule <rule-number> {
                session {
                    application {
                        firewall <app-firewall>
                    }
                }
            }
        }
    }
}

Use the set form of this command to specify the application firewall to run for a firewall rule within a session.

When this rule is matched, a session is created and the named application firewall is run. The application firewall returns either "match" or "no-match". If "match" is returned, packets are forwarded for the session; otherwise, they are dropped. Note that packets are forwarded until the DPI function has decided that it has enough information to determine the application name.

Use the delete form of this command to remove the application firewall that runs for a firewall rule within a session.

Use the show form of this command to display the application firewall for a firewall rule within a session.
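
The following audit script is an added example, not part of the Vyatta documentation. It cross-checks the app-firewall names referenced by firewall rules against the application firewalls that are defined, and checks the rule-number range given above. It assumes the configuration is available as set-command lines in the syntax shown on this page; all names in the sample are constructed.

```python
import re

# Constructed sample, not from the Vyatta documentation. Names are made up.
# Assumption: an application firewall counts as defined once any node appears
# under "security application firewall name <name>" (sub-nodes omitted here).
SAMPLE = """\
set security application firewall name APPFW-WEB
set security application firewall name APPFW-OLD
set security firewall name LAN-OUT rule 10 session application firewall APPFW-WEB
set security firewall name LAN-OUT rule 20 session application firewall APPFW-MAIL
set security firewall name LAN-OUT rule 10000 session application firewall APPFW-WEB
"""

DEFINE = re.compile(r"^set security application firewall name (\S+)")
REFER = re.compile(r"^set security firewall name (\S+) rule (\d+) "
                   r"session application firewall (\S+)$")

def audit(config_text):
    """Cross-check rule references against defined application firewalls."""
    defined, refs, findings = set(), [], []
    for line in map(str.strip, config_text.splitlines()):
        if m := DEFINE.match(line):
            defined.add(m.group(1))
        elif m := REFER.match(line):
            refs.append((m.group(1), int(m.group(2)), m.group(3)))
    for ruleset, rule, appfw in refs:
        if not 1 <= rule <= 9999:  # identifier range stated on this page
            findings.append((ruleset, rule, appfw, "rule number out of range"))
        elif appfw not in defined:
            findings.append((ruleset, rule, appfw, "application firewall not defined"))
    # Definitions that no rule references are worth reviewing as well.
    used = {appfw for _, _, appfw in refs}
    for name in sorted(defined - used):
        findings.append((None, None, name, "defined but never referenced"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Rules that pass this check are also the ones whose sessions forward packets until the DPI function reaches a verdict, so the list of matched references doubles as a review list for that behaviour.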