rulenum <rule-number> | Specifies a rule number to edit. |
srcaddr <ip-address> | Specifies the source subnet IP address and netmask. Use the format XXX.XXX.XXX.XXX/XX for IPv4 and X:X:X::X/XXX for IPv6. |
srcaddr all-ip | Specifies all IPv4 and all IPv6 addresses. This is the default. |
srcaddr all-ipv4 | Specifies all IPv4 addresses. |
srcaddr all-ipv6 | Specifies all IPv6 addresses. |
dstaddr <ip-address> | Specifies the destination subnet IP address and netmask. Use the format XXX.XXX.XXX.XXX/XX for IPv4 and X:X:X::X/XXX for IPv6. |
dstaddr all-ip | Specifies all IPv4 and all IPv6 addresses. This is the default. |
dstaddr all-ipv4 | Specifies all IPv4 addresses. |
dstaddr all-ipv6 | Specifies all IPv6 addresses. |
dstport <port> | Specifies a destination port or port label for this rule. You can specify: • a single port number. • a comma-separated list of ports with or without ranges (for example, 1,2,4-10,12). • any user-defined port labels. Valid port labels include: – SteelFusion – Interactive – RBT-Proto – Secure For more information on port labels, see
port-label. |
allow-tcp-proxy enable | Allows only SCPS peering. This is the default. |
allow-tcp-proxy disable | Allows SCPS and non-SCPS peering. |
vlan <vlan> | Specifies a VLAN identification number from 1 to 4094, -1, or 0. -1 specifies that the rule applies to all VLANs; 0 specifies that the rule applies to untagged connections. |
web-proxy <mode> | Specifies the web proxy optimization mode for this rule: • disable - Use this rule if the connection is not web-proxied. • enable - Use this rule if the connection is web-proxied. • ignore - Use this rule if it is unimportant whether or not the connection is web proxied. Web proxy enables a client-side appliance with an autodiscovery or pass-through in-path rule to use a single-ended web proxy to transparently intercept all traffic bound to the Internet. Enabling the web proxy improves performance by providing optimization services such as web object caching and SSL decryption to enable content caching and logging services. |
cong-ctrl-algo <method> | Specifies a method for congestion control for the rule: • default - Standard TCP optimization (RFC compliant). • hstcp - High-speed TCP optimization. • bw-est - TCP bandwidth-estimation optimization. • per-conn-tcp - SkipWare per-connection TCP. This method is not available without a SCPS license. • err-tol-tcp - SkipWare error-tolerant TCP optimization. This method is not available without an SCPS license. |
rate-pacing enable | Enables rate pacing on a per-rule basis. Rate pacing is disabled by default. Rate pacing applies only to MX-TCP traffic as classified by QoS. Enabling rate pacing evenly spreads the transmission of a window of packets across the entire duration of the round-trip time. |
rate-pacing disable | Disables rate pacing on a per-rule basis. Rate pacing is disabled by default. Rate pacing applies only to MX-TCP traffic as classified by QoS. |