Bay Networks 6300 Supplement Manual page 179
Supplement to the remote annex administrator’s guide for unix
Hide thumbs
Also See for 6300:
- Hardware installation manual (138 pages) ,
- Quick start manual (60 pages) ,
- Ordering manual (2 pages)
Table of Contents
Advertisement
Book A
Remote Annex 6300 Supplement to the Remote Annex Administrator's Guide for UNIX
•
When one of these filters matches a packet, the RA 6300
discards the packet and sends the ICMP message destination
unreachable, communication administratively prohibited to the
originator of packet. To discard the packet without sending a
message, specify discard instead of icmp.
The following example creates a filter that logs the arrival of every IP
packet on the Ethernet interface (en0). The example omits the network
protocol family because it is optional; IP is assumed.
filter: add en0 input include src_addr * syslog
Logging events requires configuration (see Logging User and
RA 6300 Events on page B-33 for more information).
The following example allows packets to and from 132.254.100.2 and
132.254.100.3 to be forwarded over interface en0; all other packets are
discarded.
filter: add en0 input exclude address_pair 132.254.100.2\
>
* discard
filter: add en0 input exclude address_pair 132.254.100.3\
>
* discard
The following example allows UDP and ICMP packets to and from
132.254.100.2 and 132.2534.100.3 to be forwarded over interface en0;
all other packets are discarded.
filter: add en0 input exclude address_pair 132.254.100.2 *\
>
protocol icmp discard
filter: add en0 input exclude address_pair 132.254.100.3 *\
>
protocol icmp discard
filter: add en0 input exclude address_pair 132.254.100.2 *\
>
protocol udp discard
filter: add en0 input exclude address_pair 132.254.100.3 *\
>
protocol udp discard
Chapter 10
Filtering
A-151
Advertisement
Table of Contents
