1. Show whether the firewall is enabled or disabled
cl1::> firewall show
  (system services firewall show)
Node           Enabled Logging
-------------- ------- -------
grcm1          true    false
grcm2          true    false
2 entries were displayed.
2. Show policies
cl1::> firewall policy show
Policy           Service    Action IP-List
---------------- ---------- ------ --------------------
cluster
                 dns        allow  0.0.0.0/0
                 http       allow  0.0.0.0/0
                 https      allow  0.0.0.0/0
                 ndmp       allow  0.0.0.0/0
(snipped)
3. Add a new policy to allow ssh access from all IPs
cl1::> firewall policy create -policy mgmt -service ssh -action allow -ip-list 0.0.0.0/0
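4. Block all addresses except one. As written, the /24 mask admits the whole 192.168.4.0/24 subnet; use 192.168.4.160/32 to admit only that host.
cl1::> firewall policy modify mgmt -service ssh -action allow -ip-list 192.168.4.160/24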
5. Disable the firewall on node grcm2
cl1::> firewall modify -node grcm2 -enabled false
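
To review the result of steps 2 to 4, the added example below (not part of the original notes) parses text in the layout of `firewall policy show` and flags allow entries that are open to any source or whose CIDR has host bits set. The sample output is constructed, the function names are hypothetical, and a comma-separated IP-List column is an assumption.

```python
import ipaddress

# Constructed sample in the layout of `firewall policy show` (not from a real cluster).
SAMPLE = """\
Policy           Service    Action IP-List
---------------- ---------- ------ --------------------
cluster
                 dns        allow  0.0.0.0/0
                 ndmp       allow  0.0.0.0/0
mgmt
                 ssh        allow  192.168.4.160/24
                 http       allow  10.1.1.5/32, 0.0.0.0/0
"""

def parse_policies(text):
    """Yield (policy, service, action, [cidr, ...]) for each service row."""
    policy = None
    for line in text.splitlines():
        fields = line.split(None, 2)
        if not fields or fields[0] == "Policy" or set(fields[0]) == {"-"}:
            continue  # blank line, column header or dashed rule
        if len(fields) == 1:
            policy = fields[0]  # a lone word names the policy for the rows below
        elif len(fields) == 3 and fields[1] in ("allow", "deny"):
            # Assumption: several addresses appear comma-separated in IP-List.
            yield policy, fields[0], fields[1], [c.strip() for c in fields[2].split(",")]

def audit(text):
    """Return (policy, service, cidr, reason) for every risky allow entry."""
    findings = []
    for policy, service, action, cidrs in parse_policies(text):
        if action != "allow":
            continue
        for cidr in cidrs:
            iface = ipaddress.ip_interface(cidr)
            net = iface.network
            if net.prefixlen == 0:
                findings.append((policy, service, cidr, "open to any source"))
            elif iface.ip != net.network_address:
                findings.append((policy, service, cidr,
                                 f"host bits set: admits all {net.num_addresses} addresses in {net}"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```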