We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
modify security firewall rule-list DIAMETER-NODES-RL-IPV4 rules add { ALLOW-FOREIGNNET-ICMP { place-before DEFAULT-DROP action accept description "Allow DIAMETER-NODES FOREIGNNET to Originate ICMP PING/TRACEROUTE" ip-protocol icmp icmp replace-all-with { 0 {} 8 {} 30 {} } log yes destination { address-lists add { DIAMETER-NODES-PARTNERNETWORK-BILLING-DRA } } source { address-lists add { DIAMETER-NODES-FOREIGNNET } } } } modify security firewall rule-list PARTNERNETWORK-RL-IPV4 rules add { ALLOW-PARTNERNETWORK-ICMP { place-before DEFAULT-DROP action accept description "Allow PARTNERNETWORK BILLING DRA to Originate ICMP PING/TRACEROUTE" ip-protocol icmp icmp replace-all-with { 0 {} 8 {} 30 {} } log yes destination { address-lists add { DIAMETER-NODES-FOREIGNNET } } source { address-lists add { DIAMETER-NODES-PARTNERNETWORK-BILLING-DRA } } } } create security firewall rule-list DIAMETER-NODES-RL-UDR-IPV4 { description "Rule List for DIAMETER-NODES UDR IPv4 Flows" rules replace-all-with { ALLOW-UDR-TCP { action accept description "Allow DIAMETER-NODES Originate TCP SSH UDR" ip-protocol tcp log yes destination { address-lists replace-all-with { DIAMETER-NODES-PARTNERNETWORK-BILLING-UDR } port-lists replace-all-with { SFTP-TCP } } source { address-lists replace-all-with { DIAMETER-NODES-FOREIGNNET } } } DEFAULT-DROP { action drop description "Drop Policy with Logging" log yes } } }
The text was updated successfully, but these errors were encountered:
bigip_security_rule_list: name: DIAMETER-NODES-RL-IPV4 partition: Common rules: - name: ALLOW-FOREIGNNET-TCP description: Allow DIAMETER-NODES FOREIGNNET to Originate TCP state: enabled protocol: tcp source: - [address|address_list|address_range|country_and_region] mutually exclusive [port|port_range|port_list] mutually exclusive vlan (type list) destination: - [address|address_list|address_range|country] mutually exclusive [port|port_range|port_list] mutually exclusive vlan (type list) irule: action: (accept|drop|reject|accept_decisively) logging: (bool) service_policy: string
Sorry, something went wrong.
Add module to adding rules to either firewall policies or firewall ru…
bd8f690
…le lists. Part of #489 and #275
c303ecb
caphrim007
No branches or pull requests
The text was updated successfully, but these errors were encountered: