Custom Packet Filters - 3Com corebuilder 3500 Implementation Manual

214 C 10: P F
HAPTER ACKET ILTERING
Placing a filter on the receive path confines the packet to the segment
that it originated from if it does not meet the forwarding criteria. Placing
a filter on the transmit path prohibits a packet from accessing certain
segments unless it meets the forwarding criteria. The system discards any
packet that does not meet the forwarding criteria on the transmit path.
If you want to filter packets destined for the switch itself (for example,
ping packets or Telnet packets), you must use the receive internal path.
They are not filtered on the receive all path.

Custom Packet Filters

You create custom packet filters by writing a packet filter definition.
Software implements custom filters. Consequently, use custom filters only
on ports and paths that need them. Processing too many frames in
software can affect performance on the ports where custom filters are
assigned.
If you are trying to filter a certain type of broadcast or multicast packet
assign the filter to either the txM or the rxM paths, allowing only unicast
traffic to bypass the filter.
Each packet-processing path on a port may have a unique custom packet
filter definition or may share a definition with other ports on the system.
Custom packet filter definitions are written in the packet filter language,
which allows you to construct complex logical expressions.
After you write a packet filter definition, you load it onto a system; the
corresponding port assignments are preserved in the nonvolatile memory
(NVRAM) of the system, thus ensuring that the packet filter configuration
for each system is saved across system reboots and power failures.