Table of Contents
Advertisement
Configuring IP Routing
Configuring WAN interfaces
Note: A filter definition cannot contain new lines. The syntax is shown here on multiple lines
for printing purposes only.
Keyword or argument Description
iptos
dir
dstip
srcip
proto
dstport
srcport cmp value If the srcport keyword is followed by a comparison symbol and
9-52
Specifies an IP filter.
Specifies filter direction. You can specify
ing into the MAX) or
If the
n.n.n.n/nn
dstip
filter sets bytes only in packets with that destination address. If a
subnet mask portion of the address is present, the MAX compares
only the masked bits. If the
address (0.0.0.0), or if this keyword and its IP address specification
are not present, the filter matches all IP packets.
If the
n.n.n.n/nn
srcip
filter sets bytes only in packets with that source address. If a subnet
mask portion of the address is present, the MAX compares only the
masked bits. If the
(0.0.0.0), or if this keyword and its IP address specification are not
present, the filter matches all IP packets.
Specifies a TCP/IP protocol number. A value of zero matches all
protocols. If you specify a nonzero number, the MAX compares it
to the Protocol field in packets. For a complete list of protocol num-
bers, see RFC 1700.
cmp value If the
dstport
port, the MAX compares the specified port to the destination port
of a packet. The comparison symbol can be < (less-than), = (equal),
> (greater-than), or != (not-equal). The port value can be one of the
following names or numbers: ftp-data (20), ftp (21), telnet (23),
smtp (25), nameserver (42), domain (53), tftp (69), gopher (70),
finger (79), www (80), kerberos (88), hostname (101), nntp (119),
ntp (123), exec (512), login (513), cmd (514), or talk (517).
a port name or number, the MAX compares the specified port to the
source port of a packet. The comparison symbol can be <
(less-than), = (equal), > (greater-than), or != (not-equal). The port
value can be one of the following names or numbers: ftp-data (20),
ftp (21), telnet (23), smtp (25), nameserver (42), domain (53), tftp
(69), gopher (70), finger (79), www (80), kerberos (88), hostname
(101), nntp (119), ntp (123), exec (512), login (513), cmd (514), or
talk (517).
(to filter packets going out of the MAX).
out
keyword is followed by a valid IP address, the TOS
keyword is followed by the zero
dstip
keyword is followed by a valid IP address, the TOS
keyword is followed by the zero address
srcip
keyword is followed by a comparison symbol and a
MAX 6000/3000 Network Configuration Guide
(to filter packets com-
in
Advertisement
Table of Contents
Related Manuals for Lucent Technologies MAX 6000
Related Products for Lucent Technologies MAX 6000
- Lucent Technologies MAP/100P
- Lucent Technologies Merlin Legend MLX-5
- Lucent Technologies Merlin Legend MLX-10
- Lucent Technologies MERLIN LEGEND MDW 9000
- Lucent Technologies MLC-model
- Lucent Technologies Merlin Legend MLX-10D
- Lucent Technologies Merlin Legend MLX-10DP
- Lucent Technologies Merlin Legend MLX-5D
- Lucent Technologies MERLIN LEGEND MLX Direct-Line Consoles
- Lucent Technologies MERLIN LEGEND Release 4.0 Single-Line Telephone
- Lucent Technologies Metropolis DMXplore
- Lucent Technologies MLS
- Lucent Technologies MDW 9030P
- Lucent Technologies Stinger MRT 19
- Lucent Technologies Stinger MRT 23
- Lucent Technologies MERLIN LEGEND MLX-10DPTM