User Guide
OmniAccess SafeGuard OS Administration Guide
333
Chapter 7: Establishing a Security Policy
filter System_CPAuthRedir-2 from any to any tcp 16979 redirect-cpu precedence
2
!
policy user System_Redirect
severity MAJOR
filter System_Redirect-radius from any to any udp 1812 copy-cpu precedence 1
filter System_Redirect-dhcp-1 from any to any udp 67 copy-cpu precedence 2
filter System_Redirect-dhcp-2 from any to any udp 68 copy-cpu precedence 3
filter System_Redirect-krb from any to any udp 88 copy-cpu precedence 4
filter System_Redirect-krb-tcp from any to any tcp 88 copy-cpu precedence 5
The following sample shows the output of user policies:
(OmniAccess 2400 SafeGuard) #show policy user all
policy user global_policy
filter global1 from any to any application-group outsideFTP deny log
precedence 10
!
policy user j9
description “Tech Pubs”
filter pubs from any to any any permit
!
policy user port_restrict_policy
description "Restrict Eng from server 172.80.10.4"
filter hrFilter from any to host 172.80.10.4 any deny log
!
Showing System White-Black List
The show system white-black list command displays all of the nodes that are in the list.
show system white-black list
The command does not have any options or parameters.
The output of the command displays the number of items in the list. It also provides the
source MAC address, action, and a description (if configured) for each list item in tabular
format.
For example,
(SafeGuardOS) #show system white-black list
Contents of system white and black list
---------------------------------------
Number of Rows:2
MAC Addr MAC Mask Action Description
-------- -------- ------ -----------
00:11:22:33:44:55 ff:ff:ff:ff:ff:ff permit you rock girl
11:22:33:44:55:66 ff:ff:ff:ff:ff:ff deny no way Jose
(SafeGuardOS) #