HP StorageWorks 8/40 Brocade Fabric OS Command Reference v6.3.0 (53-1001337-01 - Page 430
ipfilter, explicitly ends an open transaction and aborts
View all HP StorageWorks 8/40 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 430 highlights
2 ipfilter ipfilter Synopsis Description Notes Operands Manages the IP filter policies. ipfilter --create policyname -type ipv4 | ipv6 ipfilter --clone policyname -from src_policyname ipfilter --show [policyname] ipfilter --save [policyname] ipfilter --activate policyname ipfilter --delete policyname ipfilter --addrule policyname -rule rule_number -sip source IP -dp dest port -proto protocol -act permit | deny ipfilter --delrule policyname -rule rule number ipfilter --transabort Use this command to manage IP filter policies. The ipfilter command and command options are non-interactive, except when prompting for a confirmation. The IP filter policy sets up a packet filtering firewall to provide access control on the management IP interface. The IPv4 and IPv6 policies are either in the defined configuration or in the active configuration. Excluding the default policies, there can be a maximum of six policies in the defined configuration and one policy per IPv4 and IPv6 type in the active configuration. The active policy must be the default policy or one of the policies in the defined configuration. Only the active policies are enforced. All of the ipfilter options except --show and --transabort, create a transaction owned by the management session initiating the commands. An open transaction prevents other transactions from being created on different management sessions. The --create, --clone, --delete, --addrule, and --delrule operands modify policies in memory buffer, while operands, --save and --activate commit policies to the persistent configuration. The operands, --save and --activate, implicitly end the transaction if all policy changes are committed. The operand --transabort explicitly ends an open transaction and aborts policy changes in memory buffer. Closing the management session that owns the transaction also aborts policy changes and closes the transaction. The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in place. Refer to chapter 1, "Using Fabric OS commands" and Appendix A, "Command Availability" for details. In a Virtual Fabric environment, IP Filter policies are treated as chassis-wide configurations and apply to all logical switches in the chassis. Chassis permissions are required to manage IP Filter policies. This command has the following operands: policyname Specifies an IP filter policy name. The policy name is a unique string composed of a maximum of 20 alphanumeric or underscore characters. The default_ipv4 and default_ipv6 names are reserved for default IP filter policies. The policy name is case-insensitive and is always stored as lower 400 Fabric OS Command Reference 53-1001337-01