Enterasys ATX User Manual page 56

Using ATX Port Filtering
4. You can use Boolean AND/OR operators to logically link a series of filters
5. To use a range of Source Addresses as a filter criteria:
4-6
flow as an aid in determining your network design or usage policies before
actually reconfiguring the network.
• NO (the default) indicates that you want to create an actual filter.
together for packets received on the defined port.
Port filters are maintained in a table. Each filter that you define is assigned an
index number in the table — incrementing the previous index number by one.
Port filtering is a one pass, sequential operation — that is, when a packet
enters a port, it is checked against each filter defined for that port in turn and
then filtered or forwarded, as appropriate.
When filters are defined for the same port number and Entry or Exit value, you
can use Boolean operators to group two or more filters together so they act as
a single filter, or to indicate that a filter be treated as an individual entity.
By linking Port filters with a Boolean AND operator, a packet must meet the
condition of this filter, as well as any succeeding filters linked by ANDs that
have been defined for the specified port and have the same Entry or Exit
value. For example, if an entry filter set to screen AppleTalk packets is ANDed
with an entry filter set to screen packets with a broadcast address, the
cumulative effect of the filters will only screen broadcast AppleTalk packets,
letting other broadcast or AppleTalk packets be forwarded from the port.
When a Port filter is given a Boolean OR operator, a packet received on the
defined port is only checked against the conditions set in the single filter. If the
two filters mentioned previously had an OR operator between them, all
broadcast packets and all AppleTalk packets would be filtered from being
forwarded through the port.
Click on the Boolean Operator: AND/OR button to determine whether this
filter will be combined with other filters with the same Entry or Exit value that
are defined for the same port.
a. Toggle the button to AND as the Boolean operator to filter packets by
using this filter and the succeeding Port Filter (as entered in the Port
Filters list) for same port.
b. Toggle the button to OR (the default) to filter packets based only on the
criteria specified within this filter.
a. In the Filter Parameters section, click on the Source Address Range
check box to activate the Source Address Range text fields.
b. Indicate whether you want the specified address range to be exclusive or
inclusive for filtering purposes.
1.) Click to activate (highlight) the Not In Range check box if you want to
filter on any source address outside of the specified range.
Editing the Port Filters Table