Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

security firewall name <name> rule <rule-number> tcp flags <flags>

Defines the TCP flags to match for a firewall rule.

set security firewall name <name> rule <rule-number> tcp flags <flags>
delete security firewall name <name> rule <rule-number> tcp [ flags <flags> ]
show security firewall name <name> rule <rule-number> tcp
name
The name of a firewall rule set.
rule-number
The numeric identifier of a rule. The identifier ranges from 1 through 9999.
flags
Matches the specified TCP flags in a packet. The keywords are SYN, ACK, FIN, RST, URG, and PSH.
You can specify more than one flag, separated by commas, in a list. Prefixing the flag name with the negation operator (!) matches packets with the specified flag unset. For example, the list of SYN, !ACK, !FIN, !RST matches only packets with the SYN flag set and the ACK, FIN, and RST flags unset.

Configuration mode


security {
    firewall {
        name <name> {
            rule <rule-number> {
                tcp {
                    flags <flags>
                }
            }
        }
    }
}

Use the set form of this command to define the TCP flags that a firewall rule matches in a packet.

Use the delete form of this command to delete the TCP flags match from a firewall rule.

Use the show form of this command to display the TCP flags that a firewall rule matches.
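
The matching rule described for the flags parameter, modeled in Python as an added example (not Vyatta code): every listed flag becomes a bit in a mask, plain flags must be set and negated flags must be clear. It assumes that flags the list does not name are ignored; `parse_flags`, `matches` and the sample packets are constructed for illustration.

```python
# TCP header flag bits (RFC 9293), limited to the six keywords the command accepts.
TCP_FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
                 "PSH": 0x08, "ACK": 0x10, "URG": 0x20}


def parse_flags(spec):
    """Turn a list such as 'SYN,!ACK,!FIN,!RST' into (mask, value).

    mask  = every flag the list names, negated or not
    value = the named flags that must be set
    """
    mask = value = 0
    for item in spec.split(","):
        item = item.strip().upper()
        negated = item.startswith("!")
        name = item[1:] if negated else item
        if name not in TCP_FLAG_BITS:
            raise ValueError(f"unknown TCP flag keyword: {item!r}")
        bit = TCP_FLAG_BITS[name]
        if mask & bit:
            raise ValueError(f"flag listed twice: {name}")
        mask |= bit
        if not negated:
            value |= bit
    return mask, value


def matches(spec, flags_byte):
    """True when the packet's TCP flags byte satisfies the list.

    Assumption: flags the list does not name are ignored.
    """
    mask, value = parse_flags(spec)
    return (flags_byte & mask) == value


# Constructed sample packets: (description, TCP flags byte)
SAMPLES = [
    ("new connection (SYN)", 0x02),
    ("handshake reply (SYN+ACK)", 0x12),
    ("established data (PSH+ACK)", 0x18),
    ("SYN+FIN, invalid combination", 0x03),
    ("SYN+URG, URG not named in the list", 0x22),
]

if __name__ == "__main__":
    for label, flags in SAMPLES:
        print(f"{label:36} {matches('SYN,!ACK,!FIN,!RST', flags)}")
```

Under the stated assumption, the SYN+URG sample matches because URG is not named in the list; to exclude it, the list would also need `!URG`.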