You can configure storage system network interfaces, including TOE-enabled interfaces, to block specified network protocols including CIFS, iSCSI, ftpd, NFS, or SnapMirror on selected interfaces.
You use the options interface command to block a specified protocol on a network interface, as shown in this example:
options interface.cifs.blocked "e9"
This blocks interface e9 from using the CIFS protocol.
You can block a protocol from more than one interface, as shown in this example:
options interface.cifs.blocked "e0a,e0b"
This blocks both interfaces e0a and e0b from using CIFS.
You can block several protocols from a single interface by entering multiple commands for an individual interface, as shown in this example:
options interface.nfs.blocked "e0a"
options interface.cifs.blocked "e0a"
options interface.ftpd.blocked "e0a"
These commands block NFS, CIFS, and ftpd from interface e0a.
If you want to block a protocol from a TOE-enabled interface, you must first set the interface to prevent offloading of the blocked protocol. You use the options ip command to do this, as shown in the following example of blocking the CIFS protocol:
options.ip.tcp.offload.protocol.cifs off
options interface.cifs.blocked "e9"
Each of the NFS, iSCSI, and SnapMirror protocols can be blocked with the commands used to block CIFS. However, if ftpd is to be blocked from a TOE interface, you must use the following commands:
options.ip.tcp.offload.protocol.misc.off
options interface.ftpd.blocked "e9"
If you want to remove a protocol block, enter the options interface command with no interface within the quotation marks:
options interface.cifs.blocked ""
This example removes any CIFS protocol blocks. Other protocols can be removed with a similar command.