Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 478

Advertising
background image

464

Brocade Mobility RFS Controller CLI Reference Guide

53-1003098-01

6

show firewall [dhcp snoop-table|dos stats] {on <DEVICE-NAME>}

show firewall flows {filter} {(dir|dst|ether|flow-type|icmp|igmp|ip|max-idle|

min-bytes|min-idle|min-pkts|not|port|src|tcp|udp)}

dhcp snoop-table

Displays DHCP snoop table entries

snoop-table – Displays DHCP snoop table entries

DHCP snooping acts as a firewall between non-trusted hosts and the DHCP server. Snoop table entries
contain MAC address, IP address, lease time, binding type, and interface information of non-trusted
interfaces.

dos stats

Displays Denial of Service (DoS) statistics
This option is not available in the User Exec mode.

on <DEVICE-NAME>

The following keyword is common to the ‘DHCP snoop table’ and ‘DoS stats’ parameters:

on <DEVICE-NAME> – Optional. Displays snoop table entries, or DoS stats on a specified device

<DEVICE-NAME> – Specify the name of the AP, wireless controller, or service platform.

firewall flows

Notifies a session has been established

filter

Optional. Defines additional firewall flow filter parameters

dir [wired-wired|
wired-wireless|
wireless-wired|
wireless-wireless]

Optional. Matches the packet flow direction

wired-wired – Wired to wired flows

wired-wireless – Wired to wireless flows

wireless-wired – Wireless to wired flows

wireless-wireless – Wireless to wireless flows

dst port
<1-65535>

Optional. Matches the destination port with the specified port

port <1-65535> – Specifies the destination port number from 1 - 65535

ether
[dst <MAC>|
host <MAC>|
src <MAC>|
vlan <1-4094>]

Optional. Displays Ethernet filter options

dst <MAC> – Matches only the destination MAC address

host <MAC> – Matches flows containing the specified MAC address

src <MAC> – Matches only the source MAC address

vlan <1-4094> – Matches the VLAN number of the traffic with the specified value. Specify a value from
1- 4094.

flow-type
[bridged|natted|routed|
wired|wireless]

Optional. Matches the traffic flow type

bridged – Bridged flows

natted – Natted flows

routed – Routed flows

wired – Flows belonging to wired hosts

wireless – Flows containing a mobile unit

icmp {code|type}

Optional. Matches flows with the specified Internet Control Message Protocol (ICMP) code and type

code – Matches flows with the specified ICMP code

type – Matches flows with the specified ICMP type

igmp

Optional.Matches Internet Group Management Protocol (IGMP) flows

ip [dst <IP>|
host <IP>|
proto <0-254>|
src <IP>]

Optional. Filters firewall flows based on the IPv4 parameters passed

dst <IP> – Matches destination IP address

host <IP> – Matches flows containing IPv4 address

proto <0-254> – Matches the IPv4 protocol number with the specified number

src <IPv4> – Matches source IP address

max-idle
<1-4294967295>

Optional. Filters firewall flows idle for at least the specified duration. Specify a max-idle value from 1 -
4294967295 bytes.

min-bytes
<1-4294967295>

Optional. Filters firewall flows with at least the specified number of bytes. Specify a min-bytes value from 1 -
4294967295 bytes.

Advertising
See also other documents in the category Brocade Computer Accessories: