Filter Policy Entities
A filter policy compares the match criteria specified within a filter entry to packets coming
through the system, in the order the entries are numbered in the policy. When a packet matches all
the parameters specified in the entry, the system takes the specified action to either drop or forward
the packet. If a packet does not match the entry parameters, the packet continues through the filter
process and is compared to the next filter entry, and so on. If the packet does not match any of the
entries, then system executes the default action specified in the filter policy. Each filter policy is
assigned a unique filter ID. Each filter policy is defined with:
•
•
•
•
Each filter entry contains:
•
•
Applying Filter Policies
Filter policies can be associated with the following entities:
Table 14: Applying Filter Policies
Security CPM filter
CRON TOD-suite
Router interface
Egress multicast group
VLL SAP, spoke SDP
IES interface SAP,
subscriber-interface
7750 SR OS Router Configuration Guide
Scope
Default action
Description
At least one filter entry
Match criteria
An action
IP Filter
MAC Filter
N/A
CRON TOD-suite
N/A
Egress multicast group
VLL SAP, spoke SDP
N/A
Filter Policies
IPv6 Filter
Security CPM filter
CRON TOD-suite
Router interface
Egress multicast group
VLL SAP, spoke SDP
IES interface SAP,
subscriber-interface
Page 277