cancel
Showing results for 
Search instead for 
Did you mean: 

B5 and S-Series switch policy profile with multiple rules

B5 and S-Series switch policy profile with multiple rules

GREG_RICHARDSON
New Contributor

I’m assuming this is possible but I’m not sure how to do it.

For example based on the GTAC guide “How to Block Bonjour traffic with Policy via Command Line Interface” I know how to drop this IPv4 traffic.

I would like to add to this existing rule another rule that drops the IPv6 version of this traffic (or, better yet, simply drop all IPv6 traffic) but I can’t seem to find a clear example of adding to existing rules using the CLI.

Is there a guide to this somewhere?

 

 

 

1 ACCEPTED SOLUTION

e_steuber
New Contributor II

Just add the entry to the existing rule

 

set policy profile 1 name DropIPv6

set policy rule 1 ether 0x86dd mask 16 drop

 

Where the ‘1’ in both lines is the Policy Profile Index.

Since the policy rules in one profile are evaluated by precedence there is no ‘line number’ whiel adding a rule to a profile

View solution in original post

1 REPLY 1

e_steuber
New Contributor II

Just add the entry to the existing rule

 

set policy profile 1 name DropIPv6

set policy rule 1 ether 0x86dd mask 16 drop

 

Where the ‘1’ in both lines is the Policy Profile Index.

Since the policy rules in one profile are evaluated by precedence there is no ‘line number’ whiel adding a rule to a profile

GTM-P2G8KFN