ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • system services firewall policy modify

    (DEPRECATED)-Modify a firewall policy entry for a network service

    Availability: This command is available to cluster administrators at the admin privilege level.

    Description

    This command is deprecated and may be removed in a future ONTAP release. Use network interface service-policy modify-service instead.

    The system services firewall modify command enables you to modify the list of IP addresses and netmasks associated with a firewall policy.

    Parameters

    -vserver <vserver> - Vserver Name

    Use this parameter to specify the Vserver of the policy to modify.

    -policy <textpolicy_name> - Policy

    Use this parameter to specify the name of the policy to modify.

    -service <service> - Service

    Use this parameter to specify the policy’s network service to modify.

    [-allow-list <IP Address/Mask>,…​] - Allowed IPs

    Use this parameter to specify one or more IP addresses with corresponding netmasks that are allowed by this firewall policy. The correct format for this parameter is address/netmask, similar to "192.0.2.128/25". Multiple address/netmask pairs should be separated with commas. Use the value 0.0.0.0/0 for "any".

    Examples

    The following example modifies the firewall policy named data that uses the NDMP protocol to enable access from all addresses on the 192.0.2.128 subnet:

    cluster1::> system services firewall policy modify -policy data -service ndmp -allow-list 192.0.2.128/25
    Top of Page