Security Firewall Name <Name> Rule <Rule-Number> Source <Source - Brocade Communications Systems 5600 vRouter Configuration Manual

Hide thumbs Also See for 5600 vRouter:

Configuration manual (187 pages)

Reference manual (124 pages)

Quick start manual (48 pages)

Table Of Contents

100

101

102

103

104

105

106

page of 106

/ 106
Contents
Table of Contents
Bookmarks

Table of Contents

security firewall name <name> rule <rule-number> source <source>

Defines the source address, MAC address, or source port for a firewall rule set.

Syntax

set security firewall name

delete security firewall name

show security firewall name

Parameters

name

The name of a firewall rule set.

rule-number

The numeric identifier of a rule. The identifier ranges from 1 through 9999.

address

Specifies a source address to match. Address formats are as follows:

ip-address : An IPv4 address.

ip-address/prefix : A network address, where 0.0.0.0/0 matches any network.

ip-address : All IP addresses except the one specified.

ip-address/prefix : All network addresses except the one specified.

ipv6-address : An IPv6 address; for example, fe80::20c:29fe:fe47:f89.

ipv6-address/prefix : A network address, where ::/0 matches any network; for example, fe80::20c:29fe:fe47:f88/64.

ipv6-address : All IP addresses except the one specified.

ipv6-address/prefix : All network addresses except the one specified.

When both an address and a port are specified, the packet is considered a match only if both the address and the port

match.

address

mac-address

Matches the media access control (MAC) address in the source address. The address format is six 8-bit numbers,

separated by colons, in hexadecimal; for example, 00:0a:59:9a:f2:ba.

port

Specifies a source port to match; this criterion applies only when the protocol is TCP or UDP. Port formats are as

follows:

port-name : The name of an IP service; for example, http. You can specify any service name in the /etc/services file.

port-number : A port number. The number ranges from 1 through 65535.

start-end : A range of ports; for example, 1001-1005.

When both an address and a port are specified, the packet is considered a match only if both the address and the port

match.

Modes

Configuration mode

Brocade 5600 vRouter Firewall Configuration Guide

53-1004253-01

name rule rule-number source { address address | mac-address address | port port }

name rule rule-number source [ address address | mac-address address | port port ]

name rule rule-number source

Firewall Commands

Table of Contents

Security Firewall Name <Name> Rule <Rule-Number> Source <Source - Brocade Communications Systems 5600 vRouter Configuration Manual

Related Manuals for Brocade Communications Systems 5600 vRouter

Related Content for Brocade Communications Systems 5600 vRouter

Table of Contents