Reference Guide

ManualsBrandsDell ManualsAccess PlatformsBrocade G620

451

452

453

454

455

456

457

458

459

460

Brocade Fabric OS Command Reference 435

53-1004112-02

ipFilter

Operands

This command has the following operands:

policyname

Specifies an IP filter policy name. The policy name is a unique string composed of a

maximum of 20 alphanumeric or underscore characters. The default_ipv4 and

default_ipv6 names are reserved for default IP filter policies. The policy name is

case-insensitive and is always stored as lower case. The policy type identifies the policy as

an IPv4 or IPv6 filter. You can create a maximum of eight IP filter policies.

--create policyname -type ipv4 | ipv6

Creates an IP filter policy with the specified name and type. The policy created is stored in a

temporary buffer and is lost if the policy is not saved to the persistent configuration.

--clone policyname -from src_policyname

Creates a replica of an existing IP filter policy. The cloned policy is stored in a temporary

buffer and has the same rules as the original policy.

--show [-a] [policyname]

Displays the IP filter policy content for the specified policy name or all IP filter policies if

policyname is not specified. For each IP filter policy, the policy name, type, persistent state,

and policy rules are displayed. The policy rules are listed by the rule number in ascending

order. The -a option displays the traffic type and the configured destination IP.

Command output displays without pagination. Use command | more to display the output

with page breaks. If a temporary buffer exists for an IP filter policy, the --show operand

displays the content in the temporary buffer, with the persistent state set to modified

defined or modified active.

--save [policyname]

Saves one or all IP filter policies persistently as the defined configuration. This operand is

optional. If a policy name is specified, only the specified IP filter policy in the temporary

buffer is saved; otherwise, all IP filter policies in the temporary buffer is saved. Only the CLI

session that owns the updated temporary buffer can run this command. Modification to an

active policy cannot be saved without being applied. Therefore, the --save option is blocked

for the active policies; instead use the --activate option.

--activate policyname

Activates the specified IP filter policy. IP filter policies are not enforced until they are

activated. Only one IP filter policy per IPv4 and IPv6 type can be active. If there is a

temporary buffer for the policy, the policy is saved to the defined configuration and

activated at the same time. If there is no temporary buffer for the policy, the policy existing in

the defined configuration becomes active. The policy to be activated replaces the existing

active policy of the same type. Activating the default IP filter policies returns the IP

management interface to its default state. An IP filter policy without any rule cannot be

activated. This operand prompts for confirmation before proceeding.

--delete policyname

Deletes the specified IP filter policy. Deleting an IP filter policy removes it from the

temporary buffer. To permanently delete the policy from the persistent database, issue the

ipfilter --save command. An active IP filter policy cannot be deleted.