Bay Networks 6300 Supplement Manual page 288
Supplement to the remote annex administrator’s guide for unix
Hide thumbs
Also See for 6300:
- Hardware installation manual (138 pages) ,
- Quick start manual (60 pages) ,
- Ordering manual (2 pages)
Table of Contents
Advertisement
Chapter 15
Using RA 6300 Security
Remote Annex 6300 Supplement to the Remote Annex Administrator's Guide for UNIX
A-260
The following example creates a filter that discards any IP packets
destined for address 132.245.4.33 – if transmission of such packets is
attempted on the port from which user sam logs in.
user username=sam
filter output include dst_address 132.245.4.33 discard end
end
Like all other acp_userinfo entries (except deny), the filter entry can be
accompanied by other entries within the same user...end block. In the
following example, not only is the above filter created, but a pre-defined
macro named special_setup and the CLI command ppp are also executed
for user sam.
user username=sam
clicmd special_setup end
filter output include dst_address 132.245.4.33 discard end
clicmd ppp end
end
route
For a single user or for conditions that meet profile criteria, you can define
one or more IP routes in the acp_userinfo file. You can enter only one
route per line, but multiple routes are allowed within one user...end block.
Routes in acp_userinfo are entered into the routing table when their
interfaces become active, but they are not entered into the route cache.
You cannot use a route entry in acp_userinfo to define a default route.
The syntax for the route entry is:
route [–h] dest mask gateway [metric] end
Book A
Advertisement
Table of Contents
