apps diameter-whitelist

Required Command-Line Mode = Configure

Use the apps diameter-whitelist command to configure diameter whitelisting.

The apps diameter-whitelist command has the following syntax:

apps diameter-whitelist alias <diameter whitelist file alias>
   add username <username>
   create
   delete <all | username <username>>
   destroy
   fetch <add | delete> <URL for a diameter whitelist file>

The following table describes the arguments for the apps diameter-whitelist command:

Argument

Description

diameter-whitelist alias <diameter whitelist file alias>

Specifies an alias of the whitelist file.

 add username <username>

Adds a user name entry to a whitelist. You can specify up to 15 numeric digits.

For example:

(config) # apps diameter-whitelist alias dia-wl add username 123456789123456

create

Creates a new whitelist.

For example:

(config) # apps diameter-whitelist alias dia-wl create

To create a whitelist, refer to How to Create a Whitelist.

delete username <username>

Specifies actions for delete as follows:

all—Deletes all whitelist entries.
username—Deletes a single username entry from a whitelist.

When using delete all to delete a whitelist, unlike destroy, you do not have to delete the whitelist maps, the GigaSMART operation, or disassociate the GigaSMART group from the whitelist.

Examples:

(config) # apps diameter-whitelist alias dia-wl delete username 123456789123456

(config) # apps diameter-whitelist alias dia-wl delete all

destroy

Destroys a whitelist.

For example:

(config) # apps diameter-whitelist alias dia-wl destroy

When using destroy to delete a whitelist, unlike delete all, you must first delete the whitelist maps, the GigaSMART operation, and disassociate the GigaSMART group from the whitelist before deleting the whitelist. For the procedure to destroy the whitelist, refer to How to Delete a Whitelist.

fetch <add | delete> <URL for a diameter whitelist file>

Specifies actions for fetch as follows:

add—Downloads a whitelist file from a specified URL and path.
delete—Deletes the user name entries, located in the whitelist file at the specified URL and path, from the whitelist on the node.

To fetch a specified whitelist file from a location, use one of the following formats:

http://IPaddress/path/filename.txt
scp://username:password@IPaddress:/path/filename.txt

For diameter whitelisting in a cluster, only fetch the whitelist to the master node in the cluster. On non-master nodes, fetch is not available.

Examples:

(config) # apps diameter-whitelist alias dia-wl fetch add http://1.1.1.1/tftp/temp/MyIDs1.txt
(config) # apps diameter-whitelist alias dia-wl2 fetch add scp://user1:mypw@1.1.1.1:/home/temp/C_ID_file1.txt

(config) # apps diameter-whitelist alias dia-wl fetch delete http://1.1.1.1/tftp/temp/MyIDstoDelete.txt
(config) # apps diameter-whitelist alias dia-wl fetch delete scp://user1:mypw@1.1.1.1:/home/temp/C_ID_delfile.txt

How to Create a Whitelist

To create a whitelist, use the following CLI command sequence:

Task

Command

Create the whitelist.

(config) # apps diameter-whitelist alias dia-wl create

Associate the GigaSMART group to the whitelist.

(config) # gsparams gsgroup gsg1 diameter-whitelist add dia-wl

Configure the GigaSMART operation.

(config) # gsop alias dia_wl flow-ops diameter-whitelist lb app diameter metric hashing key username port-list gsg1

Add single entries to the whitelist.


or

Fetch and download whitelist files.

(config) # apps diameter-whitelist alias diameter-scp1 add username 123455546666


(config) # apps diameter-whitelist alias diameter-scp1 fetch add http://1.1.1.1/tftp/temp/whitelist1.txt
(config) # apps diameter-whitelist alias diameter-scp1 fetch add http://1.1.1.1/tftp/temp/whitelist2.txt

Create a second level map, the whitelist map. When the map configuration is complete, the whitelist will take effect.

Note:  The diameter whitelist map does not have any rules.

(config) # map alias diameter-WL-S11
(config map alias diameter-WL-S11) # type secondLevel flowWhitelist-diameter
(config map alias diameter-WL-S11) # from vp1
(config map alias diameter-WL-S11) # use gsop diameter_wl1
(config map alias diameter-WL-S11) # to pg-wl-1
(config map alias diameter-WL-S11) # exit
(config) #

How to Delete a Whitelist

To destroy the entire whitelist, use the following CLI command sequence:

Task

Command

Delete a whitelist map.

(config) # no map alias diameter-WL-S11

Delete the GigaSMART operation.

(config) # no gsop alias diameter_wl1

Disassociate the GigaSMART group from the whitelist. (You do not need to delete the gsgroup.)

(config) # gsparams gsgroup gsg1 diameter-whitelist delete

Destroy () the entire whitelist.

(config) # apps diameter-whitelist alias sip-scp1 destroy

Related Commands

The following table summarizes other commands related to the apps diameter-whitelist command:

Task

Command

Displays a particular user name associated with the GigaSMART group.

# show gsgroup diameter-whitelist alias gsg1 username 302701237777777

Displays the diameter whitelist entry count.

# show apps diameter-whitelist alias diameter-scp count