[capirca] r252 committed - Edited wiki page PolicyFormat through web user interface.
8 views
Skip to first unread message
cap...@googlecode.com
Mar 12, 2014, 5:03:18 PM3/12/14
to capir...@googlegroups.com
Revision: 252
Author: vkli...@google.com
Date: Wed Mar 12 21:03:00 2014 UTC
Log: Edited wiki page PolicyFormat through web user interface.
http://code.google.com/p/capirca/source/detail?r=252
Modified:
/wiki/PolicyFormat.wiki
=======================================
--- /wiki/PolicyFormat.wiki Thu Jan 9 17:04:28 2014 UTC
+++ /wiki/PolicyFormat.wiki Wed Mar 12 21:03:00 2014 UTC
@@ -162,8 +162,8 @@
* _expiration::_ stop rendering this term after specified date.
[YYYY]-[MM]-[DD]
* _icmp-type::_ specify icmp-type code to match, see section
[PolicyFormat#ICMP_TYPES ICMP TYPES] for list of valid arguments
* _option::_ [established|tcp-established|sample|intial|rst|
first-fragment]
- * _established_ - only permit established connections, implements
tcp-established if protocol is tcp only, otherwise adds 1024-65535 to
required destination-ports.
- * _tcp-established_ - only permit established tcp connections, usually
checked based on TCP flag settings. If protocol UDP is included in term,
only adds 1024-65535 to required destination-ports.
+ * _established_ - only permit established connections, implements
tcp-established for tcp and sets destination port to 1024- 65535 for udp if
destination port is not defined.
+ * _tcp-established_ - only permit established tcp connections, based
on statefull match or TCP flags. Not supported for other protocols.
* _sample_ - not supported by all generators. Samples traffic for
netflow.
* _initial_ - currently only supported by juniper generator. Appends
tcp-initial to the term.
* _rst_ - currently only supported by juniper generator.
Appends "tcp-flags rst" to the term.
Author: vkli...@google.com
Date: Wed Mar 12 21:03:00 2014 UTC
Log: Edited wiki page PolicyFormat through web user interface.
http://code.google.com/p/capirca/source/detail?r=252
Modified:
/wiki/PolicyFormat.wiki
=======================================
--- /wiki/PolicyFormat.wiki Thu Jan 9 17:04:28 2014 UTC
+++ /wiki/PolicyFormat.wiki Wed Mar 12 21:03:00 2014 UTC
@@ -162,8 +162,8 @@
* _expiration::_ stop rendering this term after specified date.
[YYYY]-[MM]-[DD]
* _icmp-type::_ specify icmp-type code to match, see section
[PolicyFormat#ICMP_TYPES ICMP TYPES] for list of valid arguments
* _option::_ [established|tcp-established|sample|intial|rst|
first-fragment]
- * _established_ - only permit established connections, implements
tcp-established if protocol is tcp only, otherwise adds 1024-65535 to
required destination-ports.
- * _tcp-established_ - only permit established tcp connections, usually
checked based on TCP flag settings. If protocol UDP is included in term,
only adds 1024-65535 to required destination-ports.
+ * _established_ - only permit established connections, implements
tcp-established for tcp and sets destination port to 1024- 65535 for udp if
destination port is not defined.
+ * _tcp-established_ - only permit established tcp connections, based
on statefull match or TCP flags. Not supported for other protocols.
* _sample_ - not supported by all generators. Samples traffic for
netflow.
* _initial_ - currently only supported by juniper generator. Appends
tcp-initial to the term.
* _rst_ - currently only supported by juniper generator.
Appends "tcp-flags rst" to the term.
Reply all
Reply to author
Forward
0 new messages