Source-Port Filters; Operating Rules For Source-Port Filters - HP ProCurve 2910al Access Security Manual
Hide thumbs
Also See for ProCurve 2910al:
- Configuration manual (194 pages) ,
- Manual (126 pages) ,
- Installation and getting started manual (114 pages)
Table of Contents
Advertisement
Traffic/Security Filters and Monitors
Filter Types and Operation
11-4
Source-Port Filters
This filter type enables the switch to forward or drop traffic from all end nodes
on the indicated source-port to specific destination ports.
End
Node
"A"
Hub
End
Node
"B"
End
Node
"C"
Configuring a source-port filter to drop traffic received on port 1 with an outbound destination of port
2 means that End Nodes A, B, and C cannot send traffic to the server. To block traffic in the opposite
direction, you would also configure a source-port filter to drop traffic received on port 2 with an
outbound destination of port 1.
Figure 11-1. Example of a Source-Port Filter Application
Operating Rules for Source-Port Filters
■
You can configure one source-port filter for each physical port and
port trunk on the switch. (Refer to the filter command on page 11-18.)
You can include all destination ports and trunks in the switch on a
■
single source-port filter.
Each source-port filter includes:
■
One source port or port trunk (trk1, trk2, ...trkn)
•
•
A set of destination ports and/or port trunks that includes all
untrunked LAN ports and port trunks on the switch
•
An action (forward or drop) for each destination port or port trunk
When you create a source-port filter, the switch automatically sets the
filter to forward traffic from the designated source to all destinations for
which you do not specifically configure a "drop" action. Thus, it is not
necessary to configure a source-port filter for traffic you want the switch
to forward unless the filter was previously configured to drop the desired
traffic.
Port
Switch 8212zl
1
Configured for
Source-Port
Filtering
Server
Port
2
Hide quick links:
Advertisement
Table of Contents
