beautypg.com

Dell POWEREDGE M1000E User Manual

Page 501

background image

Fabric OS Command Reference

473

53-1002746-01

ipFilter

2

OPERANDS

This command has the following operands:

policyname

Specifies an IP filter policy name. The policy name is a unique string composed of
a maximum of 20 alphanumeric or underscore characters. The default_ipv4 and
default_ipv6 names are reserved for default IP filter policies. The policy name is
case-insensitive and is always stored as lower case. The policy type identifies the
policy as an IPv4 or IPv6 filter. You can create a maximum of eight IP filter
policies.

--create policyname -type ipv4 | ipv6

Creates an IP filter policy with the specified name and type. The policy created is
stored in a temporary buffer and is lost if the policy is not saved to the persistent
configuration.

--clone policyname -from src_policyname

Creates a replica of an existing IP filter policy. The cloned policy is stored in a
temporary buffer and has the same rules as the original policy.

--show [-a] [policyname]

Displays the IP filter policy content for the specified policy name or all IP filter
policies if policyname is not specified. For each IP filter policy, the policy name,
type, persistent state, and policy rules are displayed. The policy rules are listed by
the rule number in ascending order. The -a option displays the traffic type and the
configured destination IP.

Command output displays without pagination. Use command | more to display the
output with page breaks. If a temporary buffer exists for an IP filter policy, the
--show operand displays the content in the temporary buffer, with the persistent
state set to modified defined or modified active.

--save [policyname]

Saves one or all IP filter policies persistently as the defined configuration. This
operand is optional. If a policy name is specified, only the specified IP filter policy
in the temporary buffer is saved; otherwise, all IP filter policies in the temporary
buffer is saved. Only the CLI session that owns the updated temporary buffer can
run this command. Modification to an active policy cannot be saved without being
applied. Therefore, the --save option is blocked for the active policies; instead use
the --activate option.

--activate policyname

Activates the specified IP filter policy. IP filter policies are not enforced until they
are activated. Only one IP filter policy per IPv4 and IPv6 type can be active. If
there is a temporary buffer for the policy, the policy is saved to the defined
configuration and activated at the same time. If there is no temporary buffer for the
policy, the policy existing in the defined configuration becomes active. The policy
to be activated replaces the existing active policy of the same type. Activating the
default IP filter policies returns the IP management interface to its default state. An
IP filter policy without any rule cannot be activated. This operand prompts for
confirmation before proceeding.

--delete policyname

Deletes the specified IP filter policy. Deleting an IP filter policy removes it from the
temporary buffer. To permanently delete the policy from the persistent database,
issue the ipfilter --save command. An active IP filter policy cannot be deleted.

--addrule policyname

Adds a new rule to the specified IP filter policy. The change made to the specified
IP filter policy is not saved to the persistent configuration until saved or activated.