Raritan Computer EMX2-111 Manual Do Utilizador
Chapter 10: Using the Command Line Interface
261
Option
Description
reject
Discards traffic from all IP addresses, and an
ICMP message is sent to the source host for
failure notification.
ICMP message is sent to the source host for
failure notification.
Tip: You can combine both commands to modify all firewall control
parameters at a time. See
parameters at a time. See
Multi-Command Syntax
(on page 320).
Example
The following command sets up two parameters of the IPv4 access
control feature.
control feature.
config:#
security ipAccessControl ipv4 enabled true defaultPolicy accept
Results:
The IPv4 access control feature is enabled.
The default policy is set to "accept."
Managing Firewall Rules
You can add, delete or modify firewall rules using the CLI commands.
An IPv4 firewall control rule command begins with security
ipAccessControl ipv4 rule.
ipAccessControl ipv4 rule.
An IPv6 firewall control rule command begins with security
ipAccessControl ipv6 rule.
ipAccessControl ipv6 rule.
Adding a Firewall Rule
Depending on where you want to add a new firewall rule in the list, the
command syntax for adding a rule varies.
command syntax for adding a rule varies.
IPv4 commands
To add a new rule to the bottom of the IPv4 rules list, use this
command syntax:
config:#
security ipAccessControl ipv4 rule add <ip_mask> <policy>
To add a new IPv4 rule by inserting it above or below a specific
rule, use this command syntax: