Table of Contents
Advertisement
Traffic/Security Filters
Configuring Traffic/Security Filters
8-22
For example, suppose you wanted to configure the filters in table 8-3 on a
switch. (For more on source-port filters, refer to "Configuring a Source-Port
Traffic Filter" on page 8-18.)
Table 8-3.
Filter Example
Filter Type
Filter Value
Source-Port
Inbound ports: A1, A2* Drop
Multicast
010000-123456
Multicast
010000-224466
Protocol
Appletalk
Protocol
ARP
*Because the switch allows one inbound port in a source-port filter, the
requirement to filter ports A1 and A2 means you will configure two
separate source-port filters.
The following commands configure the filters listed above:
Figure 8-8. Configuring Various Traffic/Security Filters
Filter Indexing
The switch automatically assigns each new filter to the lowest-available index
(IDX) number. The index numbers are included in the show filter command
described in the next section and are used with the show filter < index >
command to display detailed information about a specific filter.
If there are no filters currently configured, and you create three filters in
succession, they will have index numbers 1 - 3. However, if you then delete
the filter using index number "2" and then configure two new filters, the first
new filter will receive the index number "2" and the second new filter will
receive the index number "4". This is because the index number "2" was made
vacant by the earlier deletion, and was therefore the lowest index number
available for the next new filter.
Action
Destination Ports
D1-D4
Drop
C1-C24, D5-D10
Drop
B1-B4
Drop
C12-C18, D1
Drop
D17, D21-D24
Advertisement
Table of Contents
