Filter Types And Operation; Source-Port Filters; Operating Rules For Source-Port Filters - HP 3500yl Series Access Security Manual

Filter Types and Operation

Table 12-1. Filter Types and Criteria
Static Filter Selection Criteria
Type
Source-Port Inbound traffic from a designated, physical source-port will be forwarded or
dropped on a per-port (destination) basis.
Multicast Inbound traffic having a specified multicast MAC address will be forwarded to
outbound ports (the default) or dropped on a per-port (destination) basis.
Protocol Inbound traffic having the selected frame (protocol) type will be forwarded or
dropped on a per-port (destination) basis.

Source-Port Filters

This filter type enables the switch to forward or drop traffic from all end nodes
on the indicated source-port to specific destination ports.
End
Node
"A"
Hub
End
Node
"B"
End
Node
"C"
Configuring a source-port filter to drop traffic received on port 1 with an outbound destination of port
2 means that End Nodes A, B, and C cannot send traffic to the server. To block traffic in the opposite
direction, you would also configure a source-port filter to drop traffic received on port 2 with an
outbound destination of port 1.
Figure 12-1. Example of a Source-Port Filter Application

Operating Rules for Source-Port Filters

■ You can configure one source-port filter for each physical port and
port trunk on the switch. (Refer to the filter command on page 12-17.)
Traffic/Security Filters and Monitors
Port
Switch E8212zl
1
Configured for
Source-Port
Filtering
Filter Types and Operation
Server
Port
2
12-3