set access-rule type incoming-internal-and-vpn

Description

Configures an existing firewall access rule in the incoming/internal/VPN traffic Rule Base. The rule is selected by position or by name.

Syntax

set access-rule type incoming-internal-and-vpn position <position> [ action <action> ] [ log <log> ] [ source <source> ] [ source-negate <source-negate> ] [ destination <destination> ] [ destination-negate <destination-negate> ] [ service <service> ] [ service-negate <service-negate> ] [ disabled <disabled> ] [ comment "<comment>" ] [ hours-range-enabled { true hours-range-from <hours-range-from> hours-range-to <hours-range-to> | false } ] [ { position <position> | position-above <position-above> | position-below <position-below> } ] [ name <name> ] [ vpn <vpn> ]

set access-rule type incoming-internal-and-vpn name <name> [ action <action> ] [ log <log> ] [ source <source> ] [ source-negate <source-negate> ] [ destination <destination> ] [ destination-negate <destination-negate> ] [ service <service> ] [ service-negate <service-negate> ] [ disabled <disabled> ] [ comment "<comment>" ] [ hours-range-enabled { true hours-range-from <hours-range-from> hours-range-to <hours-range-to> | false } ] [ { position <position> | position-above <position-above> | position-below <position-below> } ] [ name <name> ] [ vpn <vpn> ]

Parameters

Parameter

Description

action

The action taken when there is a match on the rule

Options: block, accept, ask, inform, block-inform

comment

Description of the rule

A string that contains fewer than 257 characters, of this set:

  • a-z (lower-case letters)

  • A-Z (upper-case letters)

  • 0-9 (digits)

  • ',' (comma)

  • '.' (period)

  • '-' (minus)

  • '(' (opening round bracket)

  • ')' (closing round bracket)

  • ':' (colon)

  • '@' (at)

destination

Network object that is the target of the connection

destination-negate

If true, the destination is all traffic except what is defined in the destination field

Type: Boolean (true/false)

disabled

Indicates if the rule is disabled

Type: Boolean (true/false)

hours-range-enabled

If true, time is configured

Type: Boolean (true/false)

hours-range-from

Time in the format HH:MM

Type: A time format hh:mm

hours-range-to

Time in the format HH:MM

Type: A time format hh:mm

log

Defines which logging method to use: None - do not log, Log - Create log, Alert - log with alert, Account - account rule

Options: none, log, alert, account

name

Name of the rule

A string of alphanumeric characters without spaces between them:

  • a-z (lower-case letters)

  • A-Z (upper-case letters)

  • 0-9 (digits)

position

The order of the rule in comparison to other manual rules

Type: Decimal number

position-above

The order of the rule in comparison to other manual rules

Type: Decimal number

position-below

The order of the rule in comparison to other manual rules

Type: Decimal number

service

The network service object that the rule should match to

service-negate

If true, the service is everything except what is defined in the service field

Type: Boolean (true/false)

source

Network object or user group that initiates the connection

source-negate

If true, the source is all traffic except what is defined in the source field

Type: Boolean (true/false)

vpn

Indicates if traffic is matched on encrypted traffic only or all traffic

Type: Boolean (true/false)

Example

set access-rule type incoming-internal-and-vpn position 2 action block log none source TEXT source-negate true destination TEXT destination-negate true service TEXT service-negate true disabled true comment "This is a comment" hours-range-enabled true hours-range-from 23:20 hours-range-to 23:20 position 2 name MyRule vpn true

set access-rule type incoming-internal-and-vpn name MyRule action block log none source TEXT source-negate true destination TEXT destination-negate true service TEXT service-negate true disabled true comment "This is a comment" hours-range-enabled true hours-range-from 23:20 hours-range-to 23:20 position 2 vpn true
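
When rule changes are generated by a script rather than typed by hand, the value constraints in the parameter table can be enforced before the command reaches the appliance. The following Python sketch is an added example, not vendor code: `build_set_rule` and its `hours_range` keyword are hypothetical names, and it covers only the parameters whose allowed values this page documents (not source, destination, service or the position options).

```python
import re

# Value constraints transcribed from the parameter table on this page.
ENUMS = {"action": {"block", "accept", "ask", "inform", "block-inform"},
         "log": {"none", "log", "alert", "account"}}
BOOLS = {"source-negate", "destination-negate", "service-negate", "disabled", "vpn"}
NAME_RE = re.compile(r"[A-Za-z0-9]+")
# Assumption: space is accepted, since the page's own example comment contains spaces.
COMMENT_RE = re.compile(r"[A-Za-z0-9,.\-():@ ]*")
# Assumption: 24-hour clock, as in the page's 23:20 example.
TIME_RE = re.compile(r"([01][0-9]|2[0-3]):[0-5][0-9]")
# Emit options in the order the Syntax section lists them.
ORDER = ["action", "log", "source-negate", "destination-negate", "service-negate",
         "disabled", "comment", "hours-range", "vpn"]


def check(ok, msg):
    if not ok:
        raise ValueError(msg)


def build_set_rule(name, **opts):
    """Return a validated 'set access-rule ... name <name>' line (hypothetical helper)."""
    check(isinstance(name, str) and NAME_RE.fullmatch(name), "name must be alphanumeric")
    o = {k.replace("_", "-"): v for k, v in opts.items()}
    check(set(o) <= set(ORDER), f"unsupported option(s): {sorted(set(o) - set(ORDER))}")
    parts = ["set access-rule type incoming-internal-and-vpn", "name", name]
    for key in ORDER:
        if key not in o:
            continue
        v = o[key]
        if key in ENUMS:
            check(isinstance(v, str) and v in ENUMS[key], f"{key} must be one of {sorted(ENUMS[key])}")
            parts += [key, v]
        elif key in BOOLS:
            check(isinstance(v, bool), f"{key} must be true or false")
            parts += [key, "true" if v else "false"]
        elif key == "comment":
            check(isinstance(v, str) and len(v) < 257 and COMMENT_RE.fullmatch(v),
                  "comment is too long or has a disallowed character")
            parts += ["comment", f'"{v}"']
        elif v is None:  # hours_range=None turns the time restriction off
            parts += ["hours-range-enabled", "false"]
        else:  # hours_range=("HH:MM", "HH:MM")
            check(len(v) == 2 and all(isinstance(t, str) and TIME_RE.fullmatch(t) for t in v),
                  "hours-range needs two HH:MM times")
            parts += ["hours-range-enabled", "true", "hours-range-from", v[0], "hours-range-to", v[1]]
    return " ".join(parts)
```

Because the documented comment character set has no double quote or newline, a value that passes the check cannot close the quoted argument and append further CLI tokens.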