Skip to main content

system services firewall policy show

Contributors
Suggest changes
PDFs

(DEPRECATED)-Show firewall policies

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

Description

Note This command is deprecated and may be removed in a future ONTAP release. Use network interface service-policy show instead.

The system services firewall policy show command displays information about firewall policies.

Note Some firewall policies contain a single entry for the "none" firewall service. You can consider these policies to be empty. When used by a logical network interface (LIF), an empty firewall policy will block all services managed using firewall policies.

Parameters

{ [-fields <fieldname>,…​]

If you specify the -fields <fieldname>,…​ parameter, the command displays only the fields that you specify.

| [-instance ] }

Use this parameter to display all the fields for the specified policies.

[-vserver <vserver>] - Vserver Name

Use this parameter to display information only about the Vserver you specify.

[-policy <textpolicy_name>] - Policy

Use this parameter to display information about the policy you specify.

[-service <service>] - Service

Use this parameter to display information about the services you specify.

[-allow-list <IP Address/Mask>,…​] - Allowed IPs

Use this parameter to display information about the firewall policies that match the list of allowed IP addresses and netmasks you specify. The correct format for this parameter is address/netmask, similar to "192.0.2.128/25". Multiple address/netmask pairs should be separated with commas.

[-ipspace <text>] - IPspace

Use this parameter to display information only about the IPspace you specify.

Examples

The following example displays information about all firewall policies:

cluster1::> system services firewall policy show
Vserver Policy       Service    Allowed
------- ------------ ---------- -------------------
cluster1
        data
                     dns        0.0.0.0/0, ::/0
                     ndmp       0.0.0.0/0, ::/0
                     ndmps      0.0.0.0/0, ::/0
cluster1
        intercluster
                     ndmp       0.0.0.0/0, ::/0
                     ndmps      0.0.0.0/0, ::/0
cluster1
        mgmt
                     dns        0.0.0.0/0, ::/0
                     http       0.0.0.0/0, ::/0
                     ndmp       0.0.0.0/0, ::/0
                     ndmps      0.0.0.0/0, ::/0
                     ntp        0.0.0.0/0, ::/0
                     snmp       0.0.0.0/0, ::/0
cluster1
        mgmt-nfs
                     dns        0.0.0.0/0, ::/0
                     http       0.0.0.0/0, ::/0
                     ndmp       0.0.0.0/0, ::/0
                     ndmps      0.0.0.0/0, ::/0
                     ntp        0.0.0.0/0, ::/0
                     snmp       0.0.0.0/0, ::/0
17 entries were displayed.

cluster1::>