Usage: rule name = | id= policy = newname = description = filterlist = filteraction = tunnel = (ip

Usage:
  rule [ name = ]  | [id= ] 
       [ policy = ] 
       [ [ newname = ]  ]
       [ [ description = ]  ]
       [ [ filterlist = ]  ]
       [ [ filteraction = ]  ]
       [ [ tunnel = ] (ip | dns) ]
       [ [ conntype = ] (lan | dialup | all) ]
       [ [ activate = ] (yes | no) ]
       [ [ kerberos = ] (yes | no) ]
       [ [ psk = ]  ]
       [ [ rootca = ] " certmap:(yes | no) excludecaname:(yes | no)" ]

  Modifies a rule in a policy.

Parameters:

  Tag            Value
  name | id     -Name or ID of the rule.
  policy        -Name of the policy, the rule belongs to.
  newname       -New name of the rule.
  description   -Brief information about the rule.
  filterlist    -Name of the filter list to be used.
  filteraction  -Name of the filter action to be used.
  tunnel        -Tunnel ip address or dns name.
  conntype      -Connection type can be ‘lan', ‘dialup' or ‘all'.
  activate      -Activates the rule in the policy if ‘yes' is specified.
  kerberos      -Provides Kerberos authentication if ‘yes' is specified.
  psk           -Provides authentication using a specified preshared key.
  rootca        -Provides authentication using a specified root certificate,
                 attempts to map the cert if certmap:Yes is specified,
                 excludes the CA name if excludecaname:Yes is specified.

Remarks:  1. Certificate, mapping, and CA name settings are all to be within
             quotes; embedded quotes are to be replaced with \'.
          2. Certificate mapping is valid only for domain members.
          3. Multiple certificates can be provided by using the rootca
             parameter multiple times.
          4. The preference of each authentication method is determined by
             its order in the command.
          5. If no auth methods are stated, dynamic defaults are used.
          6. All authentication methods are overwritten with the stated list.
          7. Excluding the root certification authority (CA) name prevents
             the name from being sent as part of the certificate request.

Examples: 1. set rule name=Rule policy=Policy activate=yes
             rootca="C=US,O=MSFT,CN=\'Microsoft North, South, East, and West
             Root Authority\' certmap:yes excludecaname:no"
          2. set rule id=3 Policy newname=RuleNew tunnel=192.165.123.156

Usage: restorepolicyexamples release = (win2k | win2003) Restores the default policies. Parameters: Tag Value release -OS ... Usage: rule name = policy = filterlist = filteraction = tunnel = (ip | dns) conntype = (lan | dialup | all) activate = (yes ... Usage: rule name = | id = | all policy = Deletes a rule from a policy. Parameters: Tag Value name | id | all -Name of the ... Usage: rule name = | id = | all | default policy = type = (tunnel | tranport) level = (verbose | normal) format = (list | ... Usage: rule name = | id= policy = newname = description = filterlist = filteraction = tunnel = (ip | dns) conntype = (lan ... Usage: rule srcaddr = (ip | dns | server) dstaddr = (ip | dns | server) protocol = (ANY | ICMP | TCP | UDP | RAW | ) srcport ... Usage: rule srcaddr = (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) dstaddr = (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 ... Usage: rule srcaddr = (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) dstaddr = (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 ... Usage: rule type = (transport | tunnel) srcaddr = (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) dstaddr = (ipv4 | ...