Generic Filter Rule; Step By Step Guide To Creating Filter Files - 3Com HomeConnect 3CP3647 Cli User's Manual


4-4 Chapter 4: Filtering Capabilities

Generic Filter Rule

Step by Step Guide to Creating Filter Files
The OR operation can be implemented by successive rules. For example, to accept
a packet if the source address is xxx, or the destination address is yyy, the
following rules are used:
BR-ETH:
1 ACCEPT src-addr=00-20-69-00-00-01;
2 ACCEPT dst-addr=00-20-69-00-00-02;
999 DENY;
The following table describes the keywords for the bridge protocol section and
their legal operators used in the rule syntax. (xx is a hex number).
Table 4-2 Protocol Keywords

| Protocol Section | Keyword  | Operators | Description and Value Range                 |
|------------------|----------|-----------|---------------------------------------------|
| BR-ETH           | src-addr | =, !=     | Source MAC address (xx-xx-xx-xx-xx-xx)      |
| BR-ETH           | dst-addr | =, !=     | Destination MAC address (xx-xx-xx-xx-xx-xx) |
| BR-ETH           | generic  | =         | Generic filter                              |

The syntax for generic filters is slightly different than that for other protocol filters:

<line #> <verb> GENERIC => ORIGIN = FRAME/OFFSET = <# of bytes>/LENGTH = <# of bytes>/MASK = <0x Mask>/VALUE = <0x value>

ORIGIN - The location in the packet to start the offset count. This is at byte 0 (FRAME).
OFFSET - The number of bytes from the origin to skip before comparing the value to the packet contents.
LENGTH - The number of bytes in the packet to compare to the value.
MASK - The mask to logically "and" with the packet contents before comparing with the value (hex).
VALUE - The value (hex) to compare to the packet contents.

For example, a generic bridge filter to prevent all IP packets from being bridged is:

BR-ETH:
1 reject generic=>origin=frame/offset=12/length=2/mask=0xFFFF/value=0x0800;

This section presents a step-by-step guide for creating and applying filters. These steps assume that the filter file is created on a remote workstation and then transferred to FLASH memory using TFTP. If you use the CLI create text command to create the filter file, you can omit steps 9 and 10.

To create a filter file:

1 Open a new text file. Enter the file descriptor on the first line: #filter
2 Enter the section header followed by a colon for the protocol rules you want to define. For example: BR-ETH:
3 You can comment a section header out by placing a # sign before the section header. This is useful if you want to insert a placeholder for a protocol section you
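
The generic rule syntax described above can be checked offline before a filter file is loaded. The following is an added example, not code from the 3Com manual or firmware: it parses a generic rule and applies the mask-then-compare test to constructed Ethernet frames. The function names, the treatment of frames shorter than OFFSET + LENGTH as non-matching, and the sample frames are assumptions made for the illustration.

```python
import re

# Rule form from the manual: <line #> <verb> GENERIC => ORIGIN = FRAME/OFFSET = n/...
RULE_RE = re.compile(
    r"^\s*(?P<line>\d+)\s+(?P<verb>\w+)\s+generic\s*=>\s*"
    r"origin\s*=\s*frame\s*/\s*offset\s*=\s*(?P<offset>\d+)\s*/\s*"
    r"length\s*=\s*(?P<length>\d+)\s*/\s*mask\s*=\s*0x(?P<mask>[0-9a-f]+)\s*/\s*"
    r"value\s*=\s*0x(?P<value>[0-9a-f]+)\s*;\s*$",
    re.IGNORECASE,
)

def parse_generic_rule(text):
    """Parse one generic rule into a dict; raise ValueError if malformed."""
    m = RULE_RE.match(text)
    if not m:
        raise ValueError("not a generic rule: %r" % text)
    length = int(m["length"])
    mask, value = int(m["mask"], 16), int(m["value"], 16)
    if length == 0 or max(mask, value) >= 1 << (8 * length):
        raise ValueError("mask/value do not fit in LENGTH bytes")
    return {"line": int(m["line"]), "verb": m["verb"].upper(),
            "offset": int(m["offset"]), "length": length,
            "mask": mask, "value": value}

def rule_matches(rule, frame):
    """True if (frame[offset:offset+length] AND mask) == value."""
    end = rule["offset"] + rule["length"]
    if end > len(frame):          # assumption: a short frame never matches
        return False
    field = int.from_bytes(frame[rule["offset"]:end], "big")
    return (field & rule["mask"]) == rule["value"]

# Constructed sample frames: dst MAC, src MAC, then the bytes at offset 12.
MACS = bytes.fromhex("002069000002" "002069000001")
IPV4_FRAME = MACS + bytes.fromhex("0800") + b"\x45" + bytes(19)
ARP_FRAME = MACS + bytes.fromhex("0806") + bytes(28)
# 802.1Q tag: offset 12 holds 0x8100, the EtherType moves to offset 16.
VLAN_IPV4_FRAME = MACS + bytes.fromhex("8100" "0001" "0800") + b"\x45" + bytes(19)

NO_IP = parse_generic_rule(
    "1 reject generic=>origin=frame/offset=12/length=2/mask=0xFFFF/value=0x0800;")

if __name__ == "__main__":
    for name, f in [("ipv4", IPV4_FRAME), ("arp", ARP_FRAME),
                    ("vlan+ipv4", VLAN_IPV4_FRAME)]:
        print(name, "matches" if rule_matches(NO_IP, f) else "no match")
```

Under these assumptions the rule matches the untagged IPv4 frame only. A fixed-offset rule sees just the bytes it names, so when reviewing a filter file, check whether tagged or otherwise encapsulated traffic needs a rule of its own.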
