Reference Guide
268 | firewall cp Dell PowerConnect W-Series ArubaOS 6.2 | Reference Guide
firewall cp
firewall cp
deny|permit <ip-addr><ip-mask>|any|{host <ip-addr>} proto{<ip-protocol-number> ports
<start port number><end port number>}|ftp|http|https|icmp|snmp|ssh|telnet|tftp[bandwidth-
contract <name>]
no...
Description
This command creates whitelist session ACLs. Whitelist ACLs consist of rules that explicitly permit or deny session
traffic from being forwarded or not to the controller. This prohibits traffic from being automatically forwarded to the
controller if it was not specifically denied in a blacklist.The maximum number of entries allowed in the whitelist is
64.
Syntax
Parameter Description Range Default
deny|permit
<ip-addr><ip-mask>
Specifies the entry to reject (deny) on the session ACL
whitelist.
Specifies an entry that is allowed (permit) on the session
ACL whitelist.
— —
any
Specifies any IPv4 source address. — —
host <ip-addr>
Indicates a specific IPv4 source address. — —
proto
Protocol that the session traffic is using. — —
IP protocol number
Specifies the IP protocol number that is permitted or
denied.
1-255 —
start port
Specifies the starting port, in the port range, on which
session traffic is running.
1-65535 —
last port
Specifies the last port, in the port range, on which
session traffic is running.
1-65535 —
ftp
Specifies the File Transfer Protocol. — —
http
Specifies the Hypertext Trasfer Protocol. — —
https
Specifies the Secure HTTP Protocol. — —
icmp
Specifies the Internet Control Message Protocol. — —
snmp
Specifies the Simple Network Management Protocol. — —
ssh
Specifies the Secure Shell. — —
telnet
Specifies the Telnet protocol. — —
tftp
Specifies the Trivial File Transfer Protocol. — —
bandwidth-contract <name>
Specify the name of a bandwidth contract defined via
the cp-bandwidth-contract command.
— —