User guide
Chapter 7: Using the Command Line Interface
170
Option Description
false Disables the IP access control feature.
<policy> is one of the options: accept, drop or reject.
Option Description
accept Accepts traffic from all IP addresses.
drop Discards traffic from all IP addresses, without
sending any failure notification to the source host.
reject Discards traffic from all IP addresses, and an ICMP
message is sent to the source host for failure
notification.
Tip: You can combine both commands to modify both of IP access control
parameters at a time. See Multi-Command Syntax (on page 214).
Example
The following command sets up two parameters of the IP access control
feature.
config:# security ipAccessControl enabled true defaultPolicy accept
Results:
The IP access control feature is enabled.
The default policy is set to "accept."
Adding an IP Access Control Rule
Depending on where you want to add a new IP access control rule in the
list, the command syntax for adding a rule varies.
To add a new IP access control rule to the bottom of the list, use
this command syntax:
config:# security ipAccessControl rule add <ip_mask> <option>
To add a new IP access control rule and insert it above or below
a specific rule number, use this command syntax:
config:# security ipAccessControl rule add <ip_mask> <option> <insert> <rule_number>
-- OR --