Brocade Communications Systems 53-1001763-02 用户手册
130
Fabric OS Administrator’s Guide
53-1001763-02
Telnet protocol
6
ATTENTION
The rule number assigned has to precede the default rule number for this protocol. For
example, in the defined policy, the Telnet rule number is 2, therefore to effectively block Telnet,
the rule number to assign must be 1.
example, in the defined policy, the Telnet rule number is 2, therefore to effectively block Telnet,
the rule number to assign must be 1.
If you choose not to use 1, you will need to delete the telnet rule number 2 after adding this
rule. Refer to
rule. Refer to
on page 157 for more information on
deleting IP filter rules.
6. Save the new ipfilter policy by typing the ipfilter
--
save
command.
7. Verify the new policy is correct by typing the ipFilter
--
show command.
8. Activate the new ipfilter policy by typing the ipfilter
--
activate command.
switch:admin> ipfilter --activate BlockTelnet
9. Verify the new policy is active (the default_ipv4 policy should be displayed as defined).
switch:admin> ipfilter --show
Name: BlockTelnet, Type: ipv4, State: defined
Rule
Name: BlockTelnet, Type: ipv4, State: defined
Rule
Source IP
Protocol
Dest Port
Action
1
any tcp 23 deny
2
any tcp 22 permit
3
any tcp 22 permit
4
any tcp 897 permit
5
any tcp 898 permit
6
any tcp 111 permit
7
any tcp 80 permit
8
any tcp 443 permit
9
any udp 161 permit
10
any udp 111 permit
11
any udp 123 permit
12
any tcp 600
-
1023
permit
13
any udp 600
-
1023
permit
Name: default_ipv4, Type: ipv4, State: defined
Rule
Rule
Source IP
Protocol
Dest Port
Action
1
any tcp 22 permit
2
any tcp 23 permit
3
any tcp 897 permit
4
any tcp 898 permit
5
any tcp 111 permit
6
any tcp 80 permit
7
any tcp 443 permit
8
any udp 161 permit
9
any udp 111 permit
10
any udp 123 permit
11
any tcp 600
-
1023
permit
12
any udp 600
-
1023
permit
Unblocking Telnet
1. Connect to the switch through a serial port or SSH and log in as admin.
2. Type in the ipfilter
--
delete command.
on page 157 for more information on deleting IP
filter rules.