aclglobal

The AclGlobal command is used to set Allow or Deny globally when no specific ACL is applied. By default the GlobalDropEnable attribute is set to false, meaning that all packets are allowed except those explicitly denied by a configured ACL. Conversely, if set to true, all packets are dropped except those explicitly allowed by a configured ACL.

Usage

FlexSwitch(config)#aclglobal GlobalDropEnable true

Settings

Context Description
GlobalDropEnable TRUE/FALSE Global traffic drop flag default: FALSE

Available Commands

Command Purpose
aclglobal GlobalDropEnable <boolean> Drop all traffic

Example

Commands:

FlexSwitch(config)#aclglobal GlobalDropEnable true
FlexSwitch(config)#apply

Response:

Applying Config:
id: 1   object: AclGlobal   status: APPLIED CONFIG  valid: True delete: False num user cmds: 2
 command                       attr         value      model attr    iskey    required    userprov    time provisioned         
-------------------------------------------------------------------------------------------------------------------------------
                               aclglobal    default    AclGlobal     True     X           X           Tue Sep  5 13:45:34 2017 
 aclglobal GlobalDropEnable    true         None                     True                 X           Tue Sep  5 13:45:34 2017 
 true                                                                                                                          

sdk:updateAclGlobal(default,GlobalDropEnable=FALSE) result: SUCCESS: http status code: 500