Use this command to display policy classification and admin rule information.
| rule | Show current Policy Rule. |
| all | Optional, show all policy rules |
| profile-index | Optional: Specify the profile index |
| admin-profile | Optional: Show rule based on Policy ID of 0 |
| mask | Optional: Show rule based on the number of most significant bits to match data value. |
| mask | Optional: Show rule based on the number of most significant bits to match data value. Range = 1 - 144. |
| port-string | Optional: Show rule based on the port number on which this rule is applied; single port in port-string format. |
| port-string | Optional: Show rule based on the port number on which this rule is applied; single port in port-string format. |
| storage-type | Optional: Show rule based on its non-volatile storage type (V - volatile; NV - non-volatile). |
| non-volatile | Show rule with non-volatile storage type. |
| volatile | Show rule with volatile storage type. |
| drop | Show rules that are set to 'drop' any packets which match this rule. |
| forward | Show rules that are set to 'forward' any packets which match this rule. |
| cos | Optional: Show rules with Class of Service. |
| cos | Optional: Show rules with Class of Service [0-255] or -1. |
| admin-pid | Policy ID. |
| admin-pid | Policy ID. Range = 0 - 102. |
| wide | Optional: Extend the concise view beyond 80 columns to display complete rule data. |
| detail | Optional: show all rule information in detail. |
| port | Port string. |
| port | Port string - (data: 1; mask: 16). |
| macdest | MAC destination address. |
| macdest | MAC destination address - (data: a-b-c-d-e-f; mask: 1-48). |
| ip6dest | IPv6 address. |
| ip6dest | IPv6 address (data: aaaa::bbbb; mask 1-128). |
| ipsource | Source IP address. |
| ipsource | Source IP address - (data: a.b.c.d; mask: 1-32). |
| ipdest | Destination IP address. |
| ipdest | Destination IP address - (data: a.b.c.d.; mask: 1-32). |
| ipfrag | IP fragmentation flag. |
| tcpdestportIP | TCP port dst with optional post-fix IPv4 address. |
| tcpdestportIP | TCP port dst with optional post-fix IPv4 address - (data: ab[:c.d.e.f]); mask: 1-48. |
| udpdestportIP | UDP port dst with optional post-fix IPv4 address. |
| udpdestportIP | UDP port dst with optional post-fix IPv4 address - (data: ab[:c.d.e.f]); mask: 1-48. |
| tcpsourceportIP | TCP port src with optional post-fix IPv4 address. |
| tcpsourceportIP | TCP port src with optional post-fix IPv4 address - (data: ab[:c.d.e.f]); mask: 1-48. |
| udpsourceportIP | UDP port src with optional post-fix IPv4 address. |
| udpsourceportIP | UDP port src with optional post-fix IPv4 address - (data: ab[:c.d.e.f]); mask: 1-48. |
| ipttl | IP time to live. |
| ipttl | IP time to live - (data: 0-255). |
| iptos | IPv4 type of service / IPv6 traffic class field. |
| iptos | IPv4 type of service / IPv6 traffic class field - (data: 0-255; mask: 1-8). |
| ipproto | Protocol field in IP packet. |
| ipproto | Protocol field in IP packet - (data: 0-255 or 0-0xFF; mask: 1-8). |
| ether | Type field in Ethernet II packet. |
| ether | Type field in Ethernet II packet - (data: 0-65535 or 0x0-0xFFFF; mask: 1-16). |
Use this command to display policy classification and admin rule information.
x460-G2-SUM46.75 # show pol rule Admn|Rule Type |Rule Data |Msk|PortStr |RS|ST|STDO|dPID|aPID|Mir|U| admn|MACSource |00-11-22-33-44-55 | 48|1 | A|NV| | | 7| |?| admn|Port |1 | 16|1 | A|NV| | | 1| |?| admn|Port |2 | 16|2 | A|NV| | | 1| |?| admn|Port |3 | 16|3 | A|NV| | | 1| |?| admn|Port |40 | 16|40 | A|NV| | | 1| |?| PID |Rule Type |Rule Data |Msk|PortStr |RS|ST|STDO|VLAN|CoS |Mir|U| 1 |IPv6Dest |1111::2222 |128|1 | A|NV|Y | | | |?| 1 |IPv6Dest |2222::3333 |128|2 | A|NV|Y | | | |?| 10 |Port |4:3 | 16|4:3 | A|NV| |fwrd| | |?|
This command was first available in ExtremeXOS release 16.1.
This command is available on the Summit X450-G2, X460-G2, X670-G2, X770, and ExtremeSwitching X440-G2, X620, X690, X870 series switches.
Print
this page
Email this topic
Feedback
View PDF
Download EPUB