apps gtp-whitelist
Use the apps gtp-whitelist command to configure GTP forward listing.
Note: The apps gtp-whitelist commands are not persistent across a node restart, nor do they appear in the output of the running configuration.
The apps gtp-whitelist command has the following syntax:
apps gtp-whitelist alias <GTP whitelist file alias> add
imsi <IMSI number >
|ran <mcc.mnc.eci < eci number> | mcc.mnc.nci <nci number>>
<create | delete>
imsi <IMSI number> |
ran <mcc.mnc.eci < eci number> | mcc.mnc.nci <nci number>> | all
destroyfetch <add | delete> <URL for a GTP whitelist file>
The following table describes the arguments for the apps gtp-whitelist command:
Argument |
Description |
|||||||||||||||||||||||||||
gtp-whitelist alias <GTP whitelist file alias> |
Specifies an alias of the forward list file. Examples of valid names are wlist, imsi-database_2. |
|||||||||||||||||||||||||||
add imsi <IMSI number| ran <mcc.mnc.eci < eci number> | mcc.mnc.nci <nci number>>> |
Specifies actions for add as follows:
For example: (config) # apps gtp-whitelist alias wlf1 add imsi 318260109318283 (config) # apps gtp-whitelist alias ran_db add ran 210.32.345678912 apps gtp-whitelist alias ran_db add ran 755.56.0xf12345678
|
|||||||||||||||||||||||||||
create |
Creates a new forward list. For example: (config) # apps gtp-whitelist alias wlf1 create To create a whitelist, refer to How to Create a Forward List. |
|||||||||||||||||||||||||||
delete <all | imsi <IMSI number> |ran <mcc.mnc.eci < eci number> | mcc.mnc.nci <nci number>>> |
Specifies actions for delete as follows:
When using delete all to delete a forward list, unlike destroy, you do not have to delete the forward list maps, the GigaSMART operation, or disassociate the GigaSMART group from the forward list.
Examples: (config) # apps gtp-whitelist alias wlf1 delete imsi 318260109318283 (config) # apps gtp-whitelist alias wlf1 delete all |
|||||||||||||||||||||||||||
destroy |
Destroys a forward list. For example: (config) # apps gtp-whitelist alias wlf1 destroy When using destroy to delete a forward list, unlike delete all, you must first delete the forward list maps, the GigaSMART operation, and disassociate the GigaSMART group from the forward list before deleting the forward list. For the procedure to destroy the forward list, refer to How to Delete a Forward List. |
|||||||||||||||||||||||||||
fetch <add | delete> <URL for a GTP whitelist file> |
Specifies actions for fetch as follows:
For both add and delete, forward list files must adhere to the following:
To fetch a specified forward list file from a location, use one of the following formats:
For GTP forward listing in a cluster, only fetch the forward list to the leader in the cluster. On member nodes, fetch is not available. Examples: (config) # apps gtp-whitelist alias wlf1 fetch add http://1.1.1.1/tftp/temp/MyIMSIs1.txt (config) # apps gtp-whitelist alias wlf2 fetch add scp://user1:mypw@1.1.1.1:/home/temp/IMSI_file1.txt (config) # apps gtp-whitelist alias wlf3 fetch add tftp://192.168.51.41/temp/IMSI_20K_1.txt (config) # apps gtp-whitelist alias wlf1 fetch delete http://1.1.1.1/tftp/temp/MyIMSIstoDelete.txt (config) # apps gtp-whitelist alias wlf2 fetch delete scp://user1:mypw@1.1.1.1:/home/temp/IMSI_delfile.txt Note: In a single forward list file, both IMSI and RAN entries are supported. RAN entries should be given in the format as specified in the add option for single entry. |
How to Create a Forward List
To create a forward list, use the following CLI command sequence:
Task |
Command |
Create the forward list. |
(config) # apps gtp-whitelist alias wlf1 create |
Associate the GigaSMART group to the forward list. |
(config) # gsparams gsgroup gsg1 gtp-whitelist add wlf1 |
Configure the GigaSMART operation. |
(config) # gsop alias gtp_wl1 flow-ops gtp-whitelist lb app gtp metric hashing key imsi port-list gsg1 |
Add single entry to the whitelist.orFetch and download forward list files. |
(config) # apps gtp-whitelist alias wlf1 add imsi 318260109318283 (config) # apps gtp-whitelist alias wlf1 add imsi 318573850131409 (config) # apps gtp-whitelist alias wlf1 fetch add http://1.1.1.1/tftp/temp/whitelist1.txt (config) # apps gtp-whitelist alias wlf1 fetch add http://1.1.1.1/tftp/temp/whitelist2.txt |
Create from one to ten second level maps, the forward list maps. When the map configuration is complete, the forward list will take effect. Note: If no whitelist add rule is specified in the map, all traffic (all interfaces and all versions) will be passed. |
(config) # map alias GTP-Whitelist (config map alias GTP-Whitelist) # type secondLevel flowWhitelist (config map alias GTP-Whitelist) # from vp1( config map alias GTP-Whitelist) # use gsop gtp_wl1 (config map alias GTP-Whitelist) # to 1/2/x2 (config map alias GTP-Whitelist) # whitelist add gtp version 2 (config map alias GTP-Whitelist) # exit (config) # |
How to Delete a Forward List
To destroy the entire forward list, use the following CLI command sequence:
Task |
Command |
Delete a forward list map. |
(config) # no map alias GTP-Whitelist |
Delete the GigaSMART operation. |
(config) # no gsop alias gtp_wl1 |
Disassociate the GigaSMART group from the forward list. (You do not need to delete the gsgroup.) |
(config) # gsparams gsgroup gsg1 gtp-whitelist delete |
Destroy () the entire forward list. |
(config) # apps gtp-whitelist alias wlf1 destroy |
Related Commands
The following table summarizes other commands related to the apps gtp-whitelist command:
Task |
Command |
Configures a rule for a forward list map. |
# map alias <whitelist map> whitelist add gtp <interface | version> |
Displays a particular IMSI associated with the GigaSMART group. |
# show gsgroup flow-whitelist alias gsg1 imsi 318260109318283 |
Displays the GTP forward list entry count. |
# show apps gtp-whitelist alias wlf1 count |
For forward list maps, displays the total number of IMSI entries (under WL). |
# show map brief |
For forward list maps, displays the total number of IMSI entries. |
# show map alias <whitelist map> |
For forward list maps, displays the total number of IMSI entries. |
# show map stats alias <whitelist map> |