net self-allow
net self-allow(1) BIG-IP TMSH Manual net self-allow(1)
NAME
self-allow - Configures the default "allow list" for all self IP addresses on the BIG-IP(r) system when the option
allow-service of the component self is set to default.
MODULE
net
SYNTAX
Modify the self-allow component within the net module using the syntax shown in the following sections.
MODIFY
modify self-allow
options:
defaults [all | none]
defaults
[add | delete | replace-all-with] {
[protocol:port] ...
}
edit self-allow
options:
all-properties
DISPLAY
list self-allow
show running-config self-allow
options:
all-properties
defaults
one-line
DELETE
You cannot delete the default allow list.
DESCRIPTION
You can use the self-allow component to modify or display the default allow list for all self IP addresses on the BIG-IP
system when the option allow-service of the component self is set to default. The default allow list displays which service
and protocol ports allow connections from outside the system. The system refuses connections made to a service or protocol
port that is not on the list.
EXAMPLES
modify self-allow defaults all
Sets the default allow list to all. Then, if the value of the option allow-service of the net self component is default,
the system accepts traffic from all protocol port combinations.
modify self-allow default replace-all-with { tcp:55 }
Sets the default "allow list" for all self IP addresses on the system to TCP on port 55.
list self-allow defaults
Displays the default "allow list" for all self IP addresses on the system.
OPTIONS
defaults
Specifies to set the default allow list to one of the following:
all Specifies that all protocols and services allow connections from outside the system. Use this option to open the
system to complete access.
none Specifies that no protocols or services allow connections from outside the system.
protocol:port
Specifies a list of protocols/services that allow connections from outside the system.
replace-all-with
Specifies to replace the current protocols and services that allow connections from outside the system with the
specified protocols and services.
SEE ALSO
edit, list, modify, net vlan, net vlan-group, show, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2013. All rights reserved.
BIG-IP 2013-04-12 net self-allow(1)