NauticaRS 5.5R Reference Guide
IPX Packet Filters
10-16
After a path is established, specific network connections across
the router can be allowed or rejected by defining IPX packet
filters. Packet filters consist of the two halves of the connection to
be filtered.
A Novell network address can be either an 'external' (cabling
scheme) or 'internal' (server process) network number, both of
which are used during a conversation between a locally attached
client and a file server.
If the
en-filter
parameter is set to reject-on-match in the ipx#
object
(page
10-4), then all connections apart from those specified
by packet filters are allowed through the router. When set to
forward-on-match
in the table are allowed through. All others are rejected.
Note:
If forward-on-match is used, a filter must be added that
contains both halves of the connection. This allows the router to
send and receive data between the connection pair.
A connection must also be allowed between the external address
of the client, and both the target file server internal and external
network addresses at each router in the link that has filtering
enabled.
Typing ls -l at the ipx# object prompt lists any filters you may
have created already:
ipx# ls -l
filter/remote
ipx#
Figure 10-3.
(page
10-4), only those connections defined
Packet Filter Listing
117237-E Rev.00