Installation manual

Preparing for NFS Authentication
Adding an NFS Access List
4-20 CLI Storage-Management Guide
You cannot deny a NIS netgroup. We recommend a subnet-deny rule after any permit
netgroup rule, to ensure that all other hosts in the netgroup’s subnet are
explicitly denied.
Removing a Deny Rule
From gbl-nfs-acl mode, use no deny to remove a deny rule from the current access
list:
no deny ip-address mask
where
ip-address identifies the subnet for the deny rule, and
mask defines the network part of the ip-address.
For example, the following command sequence removes the deny rule for clients at
192.168.77.0:
bstnA6k(gbl)# nfs-access-list eastcoast
bstnA6k(gbl-nfs-acl[eastcoast])# no deny 192.168.77.0 255.255.255.0
bstnA6k(gbl-nfs-acl[eastcoast])# ...
Changing Rule Order
The order in which you enter rules determines the order in which they are compared
to client IPs. If a client’s IP address matches more than one rule in the access list,
the ARX uses the first matching rule and ignores the rest. For example, consider the
following access list:
bstnA6k(gbl)# show nfs-access-list eastcoast
...
permit 192.168.0.0 255.255.0.0 read-write root squash
deny 192.168.77.0 255.255.255.0
deny 192.168.202.0 255.255.255.0
...
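The first-match behavior described above can be checked offline. The following Python sketch is an added example, not ARX code or output: it evaluates the three rules shown in the listing in order and reports any rule that sits behind an earlier, wider rule and so can never match. The function names are hypothetical, and what happens when no rule matches is not modelled.

```python
import ipaddress

# Rule text copied from the `show nfs-access-list eastcoast` output above.
EASTCOAST = """\
permit 192.168.0.0 255.255.0.0 read-write root squash
deny 192.168.77.0 255.255.255.0
deny 192.168.202.0 255.255.255.0
"""

def parse_rules(text):
    """Return [(action, network, original_line)] for permit/deny subnet rules."""
    rules = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("permit", "deny"):
            continue  # skip "..." and anything that is not a subnet rule
        try:
            net = ipaddress.ip_network(f"{parts[1]}/{parts[2]}", strict=False)
        except ValueError:
            continue  # e.g. a netgroup name instead of an IP address
        rules.append((parts[0], net, line.strip()))
    return rules

def first_match(rules, client_ip):
    """First-match evaluation: return the first rule containing client_ip, or None."""
    ip = ipaddress.ip_address(client_ip)
    for rule in rules:
        if ip in rule[1]:
            return rule
    return None  # no-match behaviour is not modelled here

def shadowed(rules):
    """Return (later, earlier) pairs where the later rule can never be reached."""
    found = []
    for i, (_, net, line) in enumerate(rules):
        for _, prev_net, prev_line in rules[:i]:
            if net.subnet_of(prev_net):
                found.append((line, prev_line))
                break
    return found

if __name__ == "__main__":
    rules = parse_rules(EASTCOAST)
    print(first_match(rules, "192.168.77.5")[2])
    for later, earlier in shadowed(rules):
        print(f"unreachable: {later!r} (covered by {earlier!r})")
```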