
Binding ipv4 inbound acls to a management port – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

53-1003035-02

Binding IPv4 inbound ACLs to a management port

You can bind a small number of IPv4 inbound ACLs to the Ethernet port on the Management
Module for filtering IP traffic sent to the Management module’s CPU. These ACLs are processed in
software only and are not programmed in CAM. Outbound IPv4 ACLs are not supported on the
Management module’s Ethernet port.

The default size of IPv4 Inbound ACLs on a management port is 20 filters. This number can be set
from 1 to 100 using the following command.

Brocade(config)# system-max mgmt-port-acl-size 100

Syntax: system-max mgmt-port-acl-size acls-supported

The acls-supported variable sets the maximum number of filters that are supported for the
IPv4 ACL bound to the Management Module’s Ethernet port.

The possible values are 1 - 100.

The default value is 20.
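The following is an added example, not part of the Brocade guide: a pre-change check that an ACL intended for the management port fits within the configured filter limit. The `access-list` line format, the ACL numbers and the sample configuration are constructed assumptions; the ACL to check is supplied by the caller.

```python
import re

DEFAULT_SIZE = 20            # default filter limit stated in the guide
MIN_SIZE, MAX_SIZE = 1, 100  # allowed range stated in the guide

# Constructed running-config excerpt. Only the system-max line comes from the
# guide; the access-list syntax and ACL numbers are assumed for illustration.
SAMPLE_CONFIG = """\
system-max mgmt-port-acl-size 4
access-list 10 permit host 192.0.2.10
access-list 10 permit host 192.0.2.11
access-list 10 permit 198.51.100.0 0.0.0.255
access-list 10 permit host 203.0.113.5
access-list 10 deny any
access-list 20 permit host 192.0.2.10
"""

def mgmt_acl_budget(config):
    """Return the configured filter limit, or the default when it is not set."""
    m = re.search(r"^\s*system-max\s+mgmt-port-acl-size\s+(\d+)\s*$", config, re.M)
    if not m:
        return DEFAULT_SIZE
    size = int(m.group(1))
    if not MIN_SIZE <= size <= MAX_SIZE:
        raise ValueError(f"mgmt-port-acl-size {size} is outside {MIN_SIZE}-{MAX_SIZE}")
    return size

def count_filters(config):
    """Count permit/deny entries per ACL; remarks and other lines are ignored."""
    counts = {}
    for line in config.splitlines():
        m = re.match(r"\s*access-list\s+(\S+)\s+(permit|deny)\b", line)
        if m:
            counts[m.group(1)] = counts.get(m.group(1), 0) + 1
    return counts

def audit(config, mgmt_acl):
    """Compare the filter count of the ACL named by the caller with the limit."""
    budget = mgmt_acl_budget(config)
    used = count_filters(config).get(mgmt_acl, 0)
    return {"acl": mgmt_acl, "filters": used, "budget": budget,
            "fits": used <= budget, "over_by": max(0, used - budget)}

if __name__ == "__main__":
    for acl in ("10", "20"):
        print(audit(SAMPLE_CONFIG, acl))
```
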

TABLE 20 ICMP message types and codes

| ICMP message type | Type | Code |
|---|---|---|
| precedence-cutoff | 3 | 15 |
| protocol-unreachable | 3 | 2 |
| reassembly-timeout | 11 | 1 |
| redirect (NOTE: This includes all redirects. This option is not available in Brocade NetIron CES or Brocade NetIron CER devices.) | 5 | x |
| router-advertisement | 9 | 0 |
| router-solicitation | 10 | 0 |
| source-host-isolated | 3 | 8 |
| source-quench | 4 | 0 |
| source-route-failed | 3 | 5 |
| time-exceeded (NOTE: This option is not available in Brocade NetIron CES or Brocade NetIron CER devices.) | 11 | x |
| timestamp-reply | 14 | 0 |
| timestamp-request | 13 | 0 |
| ttl-exceeded | 11 | 0 |
| unreachable (NOTE: This includes all unreachable messages. This option is not available in Brocade NetIron CES or Brocade NetIron CER devices.) | 3 | x |