HP SN3000B Administrator's Manual page 166

6
Telnet protocol
5. Add a rule to the policy, by typing the ipFilter
6. Save the new ipfilter policy by typing the ipfilter
7.
8. Activate the new ipfilter policy by typing the ipfilter
9. Verify the new policy is active (the default_ipv4 policy should be displayed as defined).
128
switch:admin> ipfilter --addrule BlockTelnet -rule 1 -sip any -dp 23 -proto
tcp -act deny
ATTENTION
The rule number assigned has to precede the default rule number for this protocol. For
example, in the defined policy, the Telnet rule number is 2, therefore to effectively block Telnet,
the rule number to assign must be 1.
If you choose not to use 1, you will need to delete the telnet rule number 2 after adding this
rule. Refer to "Deleting a rule to an IP Filter policy"
deleting IP filter rules.
Verify the new policy is correct by typing the ipFilter
switch:admin> ipfilter --activate BlockTelnet
switch:admin> ipfilter --show
Name: BlockTelnet, Type: ipv4, State: defined
Rule Source IP
1 any
2 any
3 any
4 any
5 any
6 any
7 any
8 any
9 any
10 any
11 any
12 any
13 any
Name: default_ipv4, Type: ipv4, State: defined
Rule Source IP
1 any
2 any
3 any
4 any
5 any
6 any
7 any
8 any
9 any
10 any
11 any
12 any
addrule command.
--
on page 159 for more information on
save command.
--
show command.
--
activate command.
--
Protocol Dest Port
tcp 23
tcp 22
tcp 22
tcp 897
tcp 898
tcp 111
tcp 80
tcp 443
udp 161
udp 111
udp 123
tcp 600 - 1023
udp 600 - 1023
Protocol Dest Port
tcp 22
tcp 23
tcp 897
tcp 898
tcp 111
tcp 80
tcp 443
udp 161
udp 111
udp 123
tcp 600 - 1023
udp 600 - 1023
Action
deny
permit
permit
permit
permit
permit
permit
permit
permit
permit
permit
permit
permit
Action
permit
permit
permit
permit
permit
permit
permit
permit
permit
permit
permit
permit
Fabric OS Administrator's Guide
53-1002446-01