net self-allow
net self-allow(1) BIG-IP TMSH Manual net self-allow(1)
NAME
self-allow - Configures the default "allow list" for all self IP addresses on the BIG-IP(r) system when the
option allow-service of the component self is set to default.
MODULE
net
SYNTAX
Modify the self-allow component within the net module using the syntax shown in the following sections.
MODIFY
modify self-allow
options:
defaults [all | none]
defaults
[add | delete | replace-all-with] {
[protocol:port] ...
}
edit self-allow
options:
all-properties
DISPLAY
list self-allow
show running-config self-allow
options:
all-properties
defaults
one-line
DELETE
You cannot delete the default allow list.
DESCRIPTION
You can use the self-allow component to modify or display the default allow list for all self IP addresses on
the BIG-IP system when the option allow-service of the component self is set to default. The default allow
list displays which service and protocol ports allow connections from outside the system. The system refuses
connections made to a service or protocol port that is not on the list.
EXAMPLES
modify self-allow defaults all
Sets the default allow list to all. Then, if the value of the option allow-service of the net self component
is default, the system accepts traffic from all protocol port combinations.
modify self-allow default replace-all-with { tcp:55 }
Sets the default "allow list" for all self IP addresses on the system to TCP on port 55.
list self-allow defaults
Displays the default "allow list" for all self IP addresses on the system.
OPTIONS
defaults
Specifies to set the default allow list to one of the following:
all Specifies that all protocols and services allow connections from outside the system. Use this option
to open the system to complete access.
none Specifies that no protocols or services allow connections from outside the system.
protocol:port
Specifies a list of protocols/services that allow connections from outside the system.
replace-all-with
Specifies to replace the current protocols and services that allow connections from outside the
system with the specified protocols and services.
SEE ALSO
edit, list, modify, net vlan, net vlan-group, show, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2013. All rights reserved.
BIG-IP 2013-04-12 net self-allow(1)