Saving An Ip Filter Policy; Activating An Ip Filter Policy; Deleting An Ip Filter Policy; Ip Filter Policy Rules - HP A7533A - Brocade 4Gb SAN Switch Base Administrator's Manual
Hp storageworks fabric os 6.2 administrator guide (5697-0016, may 2009)
Hide thumbs
Also See for A7533A - Brocade 4Gb SAN Switch Base:
- Administrator's manual (518 pages) ,
- Hardware reference manual (256 pages) ,
- User manual (248 pages)
Table of Contents
Advertisement
2.
Enter the following command:
ipfilter –-show [<policyname>]
where
<policyname>
Saving an IP Filter policy
You can save one or all IP Filter policies persistently in the defined configuration. The policy name is
optional for this subcommand. If the policy name is given, the IP Filter policy in the temporary buffer is
saved; if the policy name is not given, all IP Filter policies in the temporary buffer are saved. Only the CLI
session that owns the updated temporary buffer may run this command. Modification to an active policy
cannot be saved without being applied. Hence, the
Use
activate instead.
--
1.
Log in to the switch using an account assigned to the admin role.
2.
Enter the following command:
ipfilter –-save [<policyname>]
where
<policyname>
Activating an IP Filter policy
IP Filter policies are not enforced until they are activated. Only one IP Filter policy per IPv4 and IPv6 type
can be active. If there is a temporary buffer for the policy, the policy is saved to the defined configuration
and activated at the same time. If there is no temporary buffer for the policy, the policy existing in the
defined configuration becomes active. The activated policy remains in the defined configuration. The
policy to be activated replaces the existing active policy of the same type. Activating the default IP Filter
policies returns the IP management interface to its default state. An IP Filter policy without any rule cannot
be activated. This subcommand prompts for a user confirmation before proceeding.
1.
Log in to the switch using an account assigned to the admin role.
2.
Enter the following command:
ipfilter –-activate <policyname>
where
policyname
Deleting an IP Filter policy
You can delete a specified IP Filter policy. Deleting an IP Filter policy removes it from the temporary buffer.
To permanently delete the policy from the persistent database, run ipfilter
policy cannot be deleted.
1.
Log in to the switch using an account assigned to the admin role.
2.
Enter the following command:
ipfilter –delete <policyname>
where
policyname
3.
To permanently delete the policy, enter the following command:
ipfilter --save
IP Filter policy rules
An IP Filter policy consists of a set of rules. Each rule has an index number identifying the rule. There can
be a maximum of 256 rules within an IP Filter policy.
Each rule contains the following elements:
•
Source Address: A source IP address or a group prefix.
•
Destination Port: The destination port number or name, such as: Telnet, SSH, HTTP, HTTPS.
•
Protocol: The protocol type. Supported types are TCP or UDP.
•
Action: The filtering action taken by this rule, either Permit or Deny.
136 Configuring advanced security features
is the name of the policy and is optional.
is the name of the policy and is optional.
is the name of the policy.
is the name of the policy.
save subcommand is blocked for the active policies.
--
save. An active IP Filter
--
Hide quick links:
Advertisement
Table of Contents
