HP StorageWorks Fabric OS 6.1.1 administrator guide (5697-0235, December 2009)
Fabric OS 6.1.1 administrator guide 125
Displaying an IP Filter policy
You can Display the IP Filter policy content for the specified policy name, or all IP Filter policies if policy
name is not specified.
For each IP Filter policy, the policy name, type, persistent state and policy rules are displayed. The policy
rules are listed by the rule number in ascending order. There is no pagination stop for multiple screens of
information. Pipe the output to the more command to achieve this.
If a temporary buffer exists for an IP Filter policy, the
--show sub-command displays the content in the
temporary buffer, with the persistent state set to no.
To display an IP Filter policy:
1. Log in to the switch using an account assigned to the admin role.
2. Issue the following command:
ipfilter –-show <policyname>
where
<policyname> is the name of the policy.
Saving an IP Filter policy
This will save one or all IP Filter policies persistently in the defined configuration. The policy name is
optional for this sub-command. If the policy name is given, the IP Filter policy in the temporary buffer will
be saved; if the policy name is not given, all IP Filter policies in the temporary buffer will be saved. Only
the CLI session that owns the updated temporary buffer may run this command. Modification to an active
policy cannot be saved without being applied. Hence, the
--save sub-command is blocked for the active
policies. Use
--activate instead.
To save an IP Filter policy:
1. Log in to the switch using an account assigned to the admin role.
2. Issue the following command:
ipfilter –-save [policyname]
where [policyname] is the name of the policy and is optional.
Activating an IP Filter policy
IP Filter policies are not enforced until they are activated. Only one IP Filter policy per IPv4 and IPv6 type
can be active. If there is a temporary buffer for the policy, the policy is saved to the defined configuration
and activated at the same time. If there is no temporary buffer for the policy, the policy existing in the
defined configuration will become active. The activated policy continues to remain in the defined
configuration. The policy to be activated will replace the existing active policy of the same type. Activating
the default IP Filter policies will return the IP management interface to its default state. An IP Filter policy
without any rule cannot be activated. This sub-command will prompt for a user confirmation before
proceeding.
To activate an IP Filter policy:
1. Log in to the switch using an account assigned to the admin role.
2. Issue the following command:
ipfilter –-activate <policyname>
where <policyname> is the name of the policy.
Deleting an IP Filter policy
You can delete a specified IP Filter policy. Deleting an IP Filter policy will remove it from the temporary
buffer. To permanently delete the policy from persistent database, run ipfilter
--save. An active IP
Filter policy cannot be deleted.
To delete an IP Filter policy: