Filtering

hp-nas-filter-rule

Type #: 61

Platforms supported: All

Description: Toggle the physical port where the client is attached

Length: <=255

Type: String

Value range: Access Control Entry

Format:

HP-nas-filter-rule += "deny in tcp from any to any 20,21 cnt",

HP-nas-filter-rule += "permit in ip from any to any cnt"

hp-access-profile

Type #: 62

Platforms supported: All

Description: Raw ACL string to apply for packets from user

Length: 32

Type: String

Value range: This attribute sets the access profile for the user for EWA (Enhanced Web Authentication). The value will be used to create a redirect URL based on the users profile.

Format: HP-Access-Profile = "1.1.1.1 ;/usr/local/tests"

hp-ipv6-rules

Type #: 63

Platforms supported: All

Description: Name of access profile IDM to switch (must be fewer than 32 octets)

Length: 4

Type: Integer

Value range:

1 - both IPv6 and IPv4 traffic rules will be applied

0 - only IPv4 traffic rules will be applied and ipv6 traffic will be denied

Format: HP-Nas-Rules-IPv6=1

hp-egress-vland-id

Type #: 64

Platforms supported: All

Description: When set to 1, enables IPv6 support for filter/traffic rules

Length: 4

Type: Integer

Value range: vlan id value

Format:

<tagged/untagged(0x31 or 0x32)>000<VLAN_ID (as hex)>

The value of Egress-VLANID is a bit string, the first 8 bits specify whether the VLAN is tagged or untagged and must be either 0x31 (tagged) or 0x32 (untagged). The next 12 bits are padding 0x000, and the final 12 bits are the VLAN ID as an integer value. For example, the value to set VLAN 17 as a tagged egress VLAN would be 0x31000011

HP-Egress-Vlan-id = 0x31000011

hp-egress-vlan-name

Type #: 65

Platforms supported: All

Description: VSA equivalent of RFC 4675 attributes

Length: <=255

Type: String

Value range: vlan name value

Format:

<tagged/untagged(1 or 2)><VLAN Name String>

HP-Egress-Vlan-Name = 1VLAN100

or

HP-Egress-Vlan-Name = 2VLAN200