interfaces dataplane <interface> firewall local <ruleset>

Enables control plane policing (CPP) on a data plane interface by applying a firewall instance or rule set.

set interfaces dataplane interface firewall local ruleset

delete interfaces dataplane interface firewall local ruleset

show interfaces dataplane interface firewall local ruleset

interface: The name of a data plane interface.

ruleset: A firewall rule set to be applied when packets are received on the interface and are destined to the vRouter.

Configuration mode

interfaces {
    dataplane interface {
        firewall {
            local ruleset
        }
    }
}

Use this command to enable CPP on a data plane interface by applying a firewall instance or rule set.

CPP has no effect on traffic that is traversing the vRouter or destined to the vRouter until the firewall rule set has been applied to the data plane by using this command.

To use CPP, you must first define a firewall rule set as a named firewall instance and then apply the firewall instance to a data plane interface by using this command. After the firewall instance or rule set is applied to the local keyword, the firewall is enabled to filter packets that are destined for the system itself.

Use the set form of this command to enable CPP on a data plane interface.

Use the delete form of this command to disable CPP on a data plane interface.

Use the show form of this command to display CPP configuration on a data place interface.

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

interfaces dataplane <interface> firewall local <ruleset>

Helpful Links

Key Resources