beautypg.com

Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 478

background image

464

Brocade Mobility RFS Controller CLI Reference Guide

53-1003098-01

6

show firewall [dhcp snoop-table|dos stats] {on }

show firewall flows {filter} {(dir|dst|ether|flow-type|icmp|igmp|ip|max-idle|

min-bytes|min-idle|min-pkts|not|port|src|tcp|udp)}

dhcp snoop-table

Displays DHCP snoop table entries

snoop-table – Displays DHCP snoop table entries

DHCP snooping acts as a firewall between non-trusted hosts and the DHCP server. Snoop table entries
contain MAC address, IP address, lease time, binding type, and interface information of non-trusted
interfaces.

dos stats

Displays Denial of Service (DoS) statistics
This option is not available in the User Exec mode.

on

The following keyword is common to the ‘DHCP snoop table’ and ‘DoS stats’ parameters:

on – Optional. Displays snoop table entries, or DoS stats on a specified device

– Specify the name of the AP, wireless controller, or service platform.

firewall flows

Notifies a session has been established

filter

Optional. Defines additional firewall flow filter parameters

dir [wired-wired|
wired-wireless|
wireless-wired|
wireless-wireless]

Optional. Matches the packet flow direction

wired-wired – Wired to wired flows

wired-wireless – Wired to wireless flows

wireless-wired – Wireless to wired flows

wireless-wireless – Wireless to wireless flows

dst port
<1-65535>

Optional. Matches the destination port with the specified port

port <1-65535> – Specifies the destination port number from 1 - 65535

ether
[dst |
host |
src |
vlan <1-4094>]

Optional. Displays Ethernet filter options

dst – Matches only the destination MAC address

host – Matches flows containing the specified MAC address

src – Matches only the source MAC address

vlan <1-4094> – Matches the VLAN number of the traffic with the specified value. Specify a value from
1- 4094.

flow-type
[bridged|natted|routed|
wired|wireless]

Optional. Matches the traffic flow type

bridged – Bridged flows

natted – Natted flows

routed – Routed flows

wired – Flows belonging to wired hosts

wireless – Flows containing a mobile unit

icmp {code|type}

Optional. Matches flows with the specified Internet Control Message Protocol (ICMP) code and type

code – Matches flows with the specified ICMP code

type – Matches flows with the specified ICMP type

igmp

Optional.Matches Internet Group Management Protocol (IGMP) flows

ip [dst |
host |
proto <0-254>|
src ]

Optional. Filters firewall flows based on the IPv4 parameters passed

dst – Matches destination IP address

host – Matches flows containing IPv4 address

proto <0-254> – Matches the IPv4 protocol number with the specified number

src – Matches source IP address

max-idle
<1-4294967295>

Optional. Filters firewall flows idle for at least the specified duration. Specify a max-idle value from 1 -
4294967295 bytes.

min-bytes
<1-4294967295>

Optional. Filters firewall flows with at least the specified number of bytes. Specify a min-bytes value from 1 -
4294967295 bytes.

See also other documents in the category Brocade Computer Accessories: