Filter
Top Products
Fabric OS Administrator’s Guide 191
53-1002745-02
Telnet protocol
6
ATTENTION
The rule number assigned must precede the default rule number for this protocol. For
example, in the defined policy, the Telnet rule number is 2. Therefore, to effectively block
Telnet, the rule number to assign must be 1.
If you choose not to use 1, you must delete the Telnet rule number 2 after adding this rule.
Refer to “Deleting a rule from an IP Filter policy” on page 223 for more information on deleting
IP filter rules.
6. Save the new IP filter policy by typing the ipfilter
--save command.
7. Verify the new policy is correct by typing the ipFilter
--show command.
8. Activate the new IP filter policy by typing the ipfilter
--activate command.
switch:admin> ipfilter --activate BlockTelnet
9. Verify the new policy is active (the default_ipv4 policy should be displayed as defined).
switch:admin> ipfilter --show
Name: BlockTelnet, Type: ipv4, State: defined
Rule Source IP Protocol Dest Port Action
1 any tcp 23 deny
2 any tcp 22 permit
3 any tcp 22 permit
4 any tcp 897 permit
5 any tcp 898 permit
6 any tcp 111 permit
7 any tcp 80 permit
8 any tcp 443 permit
9 any udp 161 permit
10 any udp 111 permit
11 any udp 123 permit
12 any tcp 600 - 1023 permit
13 any udp 600 - 1023 permit
Name: default_ipv4, Type: ipv4, State: defined
Rule Source IP Protocol Dest Port Action
1 any tcp 22 permit
2 any tcp 23 permit
3 any tcp 897 permit
4 any tcp 898 permit
5 any tcp 111 permit
6 any tcp 80 permit
7 any tcp 443 permit
8 any udp 161 permit
9 any udp 111 permit
10 any udp 123 permit
11 any tcp 600 - 1023 permit
12 any udp 600 - 1023 permit
Unblocking Telnet
Use the following procedure to unblock Telnet access.
1. Connect to the switch through a serial port or SSH and log in as admin.
2. Enter the ipfilter
--delete command.