Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

PowerScaleOneFS CLI Command Reference

isi network firewall rules modify

Modify an existing firewall rule.

Syntax

isi network firewall rules modify <id>  
  [--name <string>]
  [--index <integer>]
  [--description <string> | --clear-description]
  [--protocol (ALL | UDP | TCP | ICMP | ICMP6)]
  [--dst-ports <ports> | --clear-dst-ports | --add-dst-ports <ports> | --remove-dst-ports <ports>]
  [--src-networks <ip_address> | --clear-src-networks | --add-src-networks <ip_address> | --remove-src-networks <ports>]
  [--src-ports <ports> | --clear-src-ports | --add-src-ports <ports> | --remove-src-ports <ports>]
  [--action (allow | deny | reject)]
  [--live]
  [{--verbose | -v}]

Options

<id>
Indicates the ID of the firewall rule to modify.

The <id> argument is a string that identifies the ID of a firewall rule consisting of a <policy_id> and a rule name, separated by a .. The rule name must be unique to the policy and consist of supported characters, not to exceed 32 characters.

Example: policy1.rule1

--name <string>
Specifies the name of the policy rule.
--index <integer>
Specifies an index number for this firewall rule.
--description <string>
Specifies a description of the firewall rule. This string cannot exceed 128 bytes.
--clear-description
Clears the description of the firewall rule.
--protocol (ALL | UDP | TCP | ICMP | ICMP6)
Indicates the protocol restricted by this firewall rule.
--dst-ports <ports>...
Indicates the list of destination network ports that will be restricted by this firewall rule. Specify --dst-ports for each additional network port to restrict.

The <ports> argument specifies the network port by the numeric number or by the service name string. These are the only two variables that can be used in this argument.

--clear-dst-ports
Clears the list of destination network ports restricted by this firewall rule.
--add-dst-ports <ports>...
Adds ports to the list of destination network ports restricted by this firewall rule. Specify --add-dst-ports for each additional destination port to add.

The <ports> argument specifies the network port by the numeric number or by the service name string. These are the only two variables that can be used in this argument.

--remove-dst-ports <ports>...
Removes ports from the list of destination network ports restricted by this firewall rule. Specify --remove-dst-ports for each additional destination port to remove.

The <ports> argument specifies the network port by the numeric number or by the service name string. These are the only two variables that can be used in this argument.

--src-networks <ip_address>...
Indicates the list of source IP addresses that will be restricted by this firewall rule. Specify --src-networks for each additional source IP address to restrict.

The <ip_address> argument is a string that defines an IPv4 or IPv6 address. IPv4 addresses must be valid IP addresses that are specified in dotted decimal octet format (xxx.xxx.xxx.xxx). IPv6 addresses must be valid IP addresses that are specified in hextets format (xxxx:xxxx:xxxx).

--clear-src-networks
Clears the list of source IP addresses restricted by this firewall rule.
--add-src-networks <ip_address>...
Adds source IP addresses that will be restricted by this firewall rule. Specify --add-src-networks for each additional source IP address to add.

The <ip_address> argument is a string that defines an IPv4 or IPv6 address. IPv4 addresses must be valid IP addresses that are specified in dotted decimal octet format (xxx.xxx.xxx.xxx). IPv6 addresses must be valid IP addresses that are specified in hextets format (xxxx:xxxx:xxxx).

--remove-src-networks <ip_address>...
Removes the source IP addresses that will be restricted by this firewall rule. Specify --remove-src-networks for each additional source IP address to remove.

The <ip_address> argument is a string that defines an IPv4 or IPv6 address. IPv4 addresses must be valid IP addresses that are specified in dotted decimal octet format (xxx.xxx.xxx.xxx). IPv6 addresses must be valid IP addresses that are specified in hextets format (xxxx:xxxx:xxxx).

--src-ports <ports>...
Indicates the list of source network ports that will be restricted by this firewall rule. Specify --src-ports for each additional network port to restrict.

The <ports> argument specifies the network port by the numeric number or by the service name string. These are the only two variables that can be used in this argument.

--clear-src-ports
Clears the list of source network ports restricted by this firewall rule.
--add-src-ports <ports>...
Adds source network ports that will be restricted by this firewall rule. Specify --add-src-ports for each additional network port to add.

The <ports> argument specifies the network port by the numeric number or by the service name string. These are the only two variables that can be used in this argument.

--remove-src-ports <ports>...
Removes the list of source network ports that will be restricted by this firewall rule. Specify --remove-src-ports for each additional network port to remove.

The <ports> argument specifies the network port by the numeric number or by the service name string. These are the only two variables that can be used in this argument.

--action (allow | deny | reject)
Indicates the default action for this firewall rule. The actions allow and deny will not provide an error. The action reject will reply with an error code.
--live
The --live option is used when issuing a command to create, modify, or delete a rule in an active policy. Changes will take effect immediately on all network subnets and pools associated with this policy.

Using the --live option on an inactive policy will be rejected and will return an error.

--verbose | -v
Displays more detailed information.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\