Protocol, Action, Traffic type and destination ip – Brocade Fabric OS Administrators Guide (Supporting Fabric OS v7.3.0) User Manual

Page 235: Implicit filter rules

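TABLE 47 Supported services (Continued)

| Service name | Port number |
|--------------|-------------|
| https        | 443         |
| ssmtp        | 465         |
| exec         | 512         |
| login        | 513         |
| shell        | 514         |
| uucp         | 540         |
| biff         | 512         |
| who          | 513         |
| syslog       | 514         |
| route        | 520         |
| timed        | 525         |
| kerberos4    | 750         |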

Protocol

TCP and UDP protocols are valid protocol selections. Fabric OS v6.2.0 and later do not support
configuration to filter other protocols. Implicitly, ICMP type 0 and type 8 packets are always allowed to
support ICMP echo request and reply on commands like ping and traceroute.

Action

For the action, only "permit" and "deny" are valid.

Traffic type and destination IP

The traffic type and destination IP elements allow an IP policy rule to specify filter enforcement for IP
forwarding. The INPUT traffic type is the default and restricts rules to manage traffic on IP management
interfaces.

The FORWARD traffic type allows management of bidirectional traffic between the external
management interface and the inband management interface. In this case, the destination IP element
should also be specified.
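
Added example, not taken from the Brocade guide: a small linter that checks a proposed rule against the protocol, action and traffic-type constraints above and against the service names in Table 47. The dict field names are hypothetical (not Fabric OS syntax), and the TCP/UDP split for names that share a port follows the conventional /etc/services assignments, which this page does not state.

```python
import ipaddress

# Service names and ports as listed in Table 47 (the portion shown on this page).
SERVICES = {"https": 443, "ssmtp": 465, "exec": 512, "login": 513, "shell": 514,
            "uucp": 540, "biff": 512, "who": 513, "syslog": 514, "route": 520,
            "timed": 525, "kerberos4": 750}

# Assumption (conventional /etc/services assignments, not stated on this page):
# where two names share a port, the transport protocol tells them apart.
SHARED_PORT_TRANSPORT = {"exec": "tcp", "biff": "udp", "login": "tcp",
                         "who": "udp", "shell": "tcp", "syslog": "udp"}


def check_rule(rule):
    """Return a list of problems found in one rule (empty list = acceptable)."""
    problems = []
    proto = str(rule.get("protocol", "")).lower()
    if proto not in ("tcp", "udp"):
        problems.append("protocol must be tcp or udp")
    if str(rule.get("action", "")).lower() not in ("permit", "deny"):
        problems.append("action must be permit or deny")
    traffic = str(rule.get("type", "INPUT")).upper()  # INPUT is the default
    if traffic not in ("INPUT", "FORWARD"):
        problems.append("traffic type must be INPUT or FORWARD")
    elif traffic == "FORWARD":
        try:
            ipaddress.ip_address(rule.get("dest_ip", ""))
        except ValueError:
            problems.append("FORWARD rule should specify a valid destination IP")
    port = rule.get("port")
    if isinstance(port, str) and not port.isdigit():
        name = port.lower()
        if name not in SERVICES:
            problems.append(f"unknown service name: {port}")
        elif (name in SHARED_PORT_TRANSPORT and proto in ("tcp", "udp")
              and proto != SHARED_PORT_TRANSPORT[name]):
            # Same port number, other transport: the rule would cover the twin service.
            twin = next(n for n, p in SERVICES.items()
                        if p == SERVICES[name] and n != name)
            problems.append(f"{name}/{proto} is port {SERVICES[name]}, "
                            f"which on {proto} is '{twin}'")
    return problems
```

A rule such as protocol tcp, action permit, port syslog is reported because port 514 on TCP is the remote shell service, not syslog.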

Implicit filter rules

For every IP Filter policy, the two rules listed in Table 48 are always assumed to be appended implicitly
to the end of the policy. This ensures that TCP and UDP traffic to dynamic port ranges is allowed, so
that management IP traffic initiated from a switch, such as syslog, RADIUS and FTP, is not affected.

Fabric OS Administrators Guide, page 235 (53-1003130-01)