srcaddr <ip-address> | Specifies the source subnet IP address and netmask. Use the format XXX.XXX.XXX.XXX/XX for IPv4 and X:X:X::X/XXX for IPv6. |
srcaddr all-ip | Specifies all IPv4 and all IPv6 addresses. This is the default. |
srcaddr all-ipv4 | Specifies all IPv4 addresses. |
srcaddr all-ipv6 | Specifies all IPv6 addresses. |
dstaddr <ip-address> | Specifies the destination subnet IP address and netmask. Use the format XXX.XXX.XXX.XXX/XX for IPv4 and X:X:X::X/XXX for IPv6. |
dstaddr all-ip | Specifies all IPv4 and all IPv6 addresses. This is the default. |
dstaddr all-ipv4 | Specifies all IPv4 addresses. |
dstaddr all-ipv6 | Specifies all IPv6 addresses. |
dstport <port(s)> | Specifies a destination port or port label for this rule. You can specify: • a single port number. • a comma-separated list of ports with or without ranges (for example, 1,2,4-10,12). • any user-defined port labels. Valid port labels include: – SteelFusion – Interactive – RBT-Proto – Secure For more information on port labels, see
port-label. |
vlan <vlan> | Specifies a VLAN identification number from 1 to 4094, -1, or 0. -1 specifies that the rule applies to all VLANs; 0 specifies that the rule applies to untagged connections. |
web-proxy <mode> | Specifies the web proxy optimization mode for this rule: • disable - Use this rule if the connection is not web proxied. • enable - Use this rule if the connection is web proxied. • ignore - Use this rule if it is unimportant whether or not the connection is web proxied. Web proxy enables a client-side appliance with an auto-discovery or pass-through in-path rule to use a single-ended web proxy to transparently intercept all traffic bound to the Internet. Enabling the web proxy improves performance by providing optimization services such as web object caching and SSL decryption to enable content caching and logging services. |
cong-ctrl-algo <method> | Specifies a method for congestion control for the rule: • default - Standard TCP optimization (RFC compliant). • hstcp - High-speed TCP optimization. • bw-est - TCP bandwidth-estimation optimization. • per-conn-tcp - SkipWare per-connection TCP. This method is not available without a SCPS license. • err-tol-tcp - SkipWare error-tolerant TCP optimization. This method is not available without a SCPS license. |
rate-pacing enable | Enables rate pacing on a per-rule basis. Rate pacing is disabled by default. Rate pacing applies only to MX-TCP traffic as classified by QoS. Enabling rate pacing evenly spreads the transmission of a window of packets across the entire duration of the round-trip time. |
rate-pacing disable | Disables rate pacing on a per-rule basis. Rate pacing is disabled by default. |
rulenum <rule-number> | Specifies a rule number from 1 to N, start, or end. The SteelHeads evaluate rules in numerical order, starting with rule 1. If the conditions set in the rule match, then the rule is applied, and the system moves on to the next packet. If the conditions set in the rule do not match, the system consults the next rule. For example, if the conditions of rule 1 do not match, rule 2 is consulted. If rule 2 matches the conditions, it is applied, and no further rules are consulted. |