Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

security firewall name <name> rule <rule-number> session application type <type>

For a session, specifies match by application type for a firewall rule.

set security firewall name name rule rule-number session application type type
delete security firewall name name rule rule-number session application type type
show security firewall name name rule rule-number session application type
name
The name of a firewall rule set.
rule-number
The numeric identifier of a rule. The identifier ranges from 1 through 9999.
type
Matches packets by application type. The application type provides access to less granular groups of DPI classifications such as analytics, database, social networking. An application can have multiple application types. You can configure a single application type to be matched from a list of DPI engine application types at the most granular level.

Configuration mode


security {
       firewall {
              name name {
                     rule rule-number {
                            session {
                                 application {
                                      type type 
                                 }     
                            }
                     }
              }
       }
}

Use the set form of this command to specify match by application type for a firewall rule within a session. When this rule is matched, a session will be created and the DPI function will try and match on the type of the application. If it matches the application type, then packets are forwarded for the session, otherwise they are dropped. Note the packets will be forwarded until the DPI function has decided it has enough information to determine the application type.

Use the delete form of this command to delete match by application type for a firewall rule within a session.

Use the show form of this command to display the application type match for a firewall rule within a session.