net self-allow
net self-allow(1) BIG-IP TMSH Manual net self-allow(1)
NAME
self-allow - Configures the default "allow list" for all self IP
addresses on the BIG-IP(r) system when the option allow-service of the
component self is set to default.
MODULE
net
SYNTAX
Modify the self-allow component within the net module using the syntax
shown in the following sections.
MODIFY
modify self-allow
options:
defaults [all | none]
defaults
[add | delete | replace-all-with] {
[protocol:port] ...
}
edit self-allow
options:
all-properties
DISPLAY
list self-allow
show running-config self-allow
options:
all-properties
defaults
one-line
DELETE
You cannot delete the default allow list.
DESCRIPTION
You can use the self-allow component to modify or display the default
allow list for all self IP addresses on the BIG-IP system when the
option allow-service of the component self is set to default. The
default allow list displays which service and protocol ports allow
connections from outside the system. The system refuses connections
made to a service or protocol port that is not on the list.
EXAMPLES
modify self-allow defaults all
Sets the default allow list to all. Then, if the value of the option
allow-service of the net self component is default, the system accepts
traffic from all protocol port combinations.
modify self-allow default replace-all-with { tcp:55 }
Sets the default "allow list" for all self IP addresses on the system
to TCP on port 55.
list self-allow defaults
Displays the default "allow list" for all self IP addresses on the
system.
OPTIONS
defaults
Specifies to set the default allow list to one of the following:
all Specifies that all protocols and services allow connections
from outside the system. Use this option to open the system
to complete access.
none Specifies that no protocols or services allow connections
from outside the system.
protocol:port
Specifies a list of protocols/services that allow connections
from outside the system.
replace-all-with
Specifies to replace the current protocols and services that
allow connections from outside the system with the specified
protocols and services.
SEE ALSO
edit, list, modify, net vlan, net vlan-group, show, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2013. All rights
reserved.
BIG-IP 2013-04-12 net self-allow(1)