config
- system
- security
- [no] management-access-filter
- ip-filter
- default-action {permit | deny | deny-host-unreachable}
- [no] entry entry-id
- action {permit | deny | deny-host-unreachable}
- no action
- description description-string
- no description
- dst-port port [mask]
- no dst-port
- [no] log
- [no] protocol protocol-id
- router router-instance
- router service-name service-name
- no router
- src-ip {ip-prefix [/mask] [netmask] | ip-prefix-list ip-prefix-list-name}
- no src-ip
- src-port {port-id | cpm | lag lag-id}
- no src-port
- renum old-entry-number new-entry-number
- [no] shutdown