To configure a filter sequence to match packets with TCP as Layer 4 protocol and the specified TCP flag type, use the set firewall filter sequence from protocol tcp flags command in L2/L3 configuration mode.

Command Syntax

set firewall filter filter-name sequence number from protocol tcp flags type { true | false }
delete firewall filter filter-name sequence number from protocol tcp flags type

Parameters

filter-nameFilter name.
numberFilter sequence number. The range is 0-9999.
type

TCP flag type. Possible values are:

ack

fin

psh

rst

syn

tcp-established

tcp-initial urg

trueThe flag is set (1).
falseThe flag is not set (0).

Examples

The following example configures sequence 10 of the MyFilter filter to match packets with TCP as the Layer 4 protocol and specified values for TCP flags:

admin@Switch# set firewall filter MyFilter sequence 1 from protocol tcp flags ack true
admin@Switch# set firewall filter MyFilter sequence 1 from protocol tcp flags psh false

The following example removes both match conditions from sequence 1 of the MyFilter filter:

admin@Switch# delete firewall filter MyFilter sequence 1 from protocol tcp flags ack
Deleting: 
>   ack: true
OK 
admin@Switch# delete firewall filter MyFilter sequence 1 from protocol tcp flags psh
Deleting: 
>   psh: false
OK