|
Log
|
Sets logging behavior. The options
are:
-
LOG_NONE - Do not log packets.
-
LOG_SUMMARY - Records the first 40 bytes of the packet
in the log.
-
LOG_DETAIL - Records the complete packet in the log.
-
LOG_SESSION - Records information about the session
in the log. The information saved consists of the source and destination addresses
and ports (if applicable), the amount of data being sent in each direction,
and the length of the session. Not used for stateless services such as ip all.
|
|
SNMP
|
Specifies whether the Screen should
issue an SNMP trap message when the rule is applied. The options are:
|
|
Encryption
|
Specifies the version of SKIP. The
options are:
|
|
Source Tunnel
|
Specifies the tunnel address of the from encryptor.
|
|
Destination Tunnel
|
Specifies the tunnel
address of the to encryptor.
|
|
From Encryptor
|
Specifies the certificate name for
the SKIP host that is encrypting the data. This can be either a Screen or
an end-system SKIP host. Either the From Encryptor or the To Encryptor must
identify a SKIP certificate on the local Screen
|
|
To Encryptor
|
Specifies the certificate name for
the SKIP host that is decrypting the data. This machine can be the local Screen
or a remote host.
|
|
Key Algorithm
|
Specifies the type of encryption you
want to use for traffic. The options available depend on the strength of encryption
that you are using.
|
|
Data Algorithm
|
Specifies the type of encryption you
want to use for data. The options available depend on the strength of encryption
that you are using.
|
|
MAC Algorithm
|
Specifies the type of authentication
that you want to use for packets that meet the criteria of this rule. The
MAC algorithm is supported in SKIP version 2. The options are:
|
