application commands
system services firewall policy modify
Suggest changes
-
PDF of this doc site
Collection of separate PDF docs
Creating your file...
Modify a firewall policy entry for a network service
Availability: This command is available to cluster administrators at the admin privilege level.
Description
The system services firewall modify command enables you to modify the list of IP addresses and netmasks associated with a firewall policy.
Parameters
-vserver <vserver>- Vserver Name-
Use this parameter to specify the Vserver of the policy to modify.
-policy <textpolicy_name>- Policy-
Use this parameter to specify the name of the policy to modify.
-service <service>- Service-
Use this parameter to specify the policy's network service to modify.
[-allow-list <IP Address/Mask>,…]- Allowed IPs-
Use this parameter to specify one or more IP addresses with corresponding netmasks that are allowed by this firewall policy. The correct format for this parameter is address/netmask, similar to "192.0.2.128/25". Multiple address/netmask pairs should be separated with commas. Use the value
0.0.0.0/0for "any".
Examples
The following example modifies the firewall policy named data that uses the NDMP protocol to enable access from all addresses on the 192.0.2.128 subnet:
cluster1::> system services firewall policy modify -policy data -service ndmp -allow-list 192.0.2.128/25