HP StorageWorks 4/64 Brocade Fabric OS Command Reference v6.3.0 (53-1001337-01 - Page 810
secpolicycreate, DCC_POLICY Members, SCC_POLICY and FCC_POLICY Members, Examples, The DCC_Policy
View all HP StorageWorks 4/64 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 810 highlights
2 secPolicyCreate "member" The DCC_POLICY_nnn name has the common prefix DCC_POLICY_ followed by a string of user-defined characters. These characters do not have to be capitalized like regular policy names. Valid values for DCC_POLICY_nnn are user-defined alphanumeric or underscore characters. The maximum length is 30 characters, including the prefix DCC_POLICY_. secpolicycreate DCC_POLICY "*" may be used to indicate DCC lockdown. This command creates a unique policy for each port in the fabric locking it down to the device connected or creating an empty policy to disallow any device to be connected to it. This can be done only when there are no other DCC policies defined on the switch. Specify one or more members to be included in the security policy. The member list must be enclosed in double quotation marks and members separated by semicolons. The member list must be separated from the name field by a comma and a space. Depending on the policy type, members are specified as follows: DCC_POLICY Members The DCC_Policy_nnn is a list of devices associated with a specific switch and port index combination. An empty DCC_POLICY does not stop access to the switch. The device is specified by its port WWN. The switch and port combination must be in the switch port format switch can be specified using a WWN, domain, or switch name. port can be specified by port numbers separated by commas and enclosed in either brackets or parentheses: for example, (2, 4, 6). Ports enclosed in brackets include the devices currently attached to those ports. The following examples illustrate several ways to specify the port values: (1-6) Selects ports 1 through 6. (*) Selects all ports on the switch. [3, 9] Selects ports 3 and 9 and all devices attached to those ports. [1-3, 5] Selects ports 1 through 3 and 5 and all devices attached to those ports. [*] Selects all ports on the switch and devices currently attached to those ports. SCC_POLICY and FCC_POLICY Members This policy type requires member IDs to be specified as WWN strings, domains, or switch names. If domain or switch names are used, the switches associated must be present in the fabric or the command fails. To add all switches in the current fabric as members of the policy, enter an asterisk enclosed in quotation marks (*) as the member value. This feature cannot be used by the other security commands. Examples To create an FCS policy: primaryfcs:admin> secpolicycreate "FCS_POLICY", "3; 4" FCS_POLICY has been created. 780 Fabric OS Command Reference 53-1001337-01