Traffic/Security Filters
Configuring Traffic/Security Filters
[< forward | drop > < port-list >]
Specifies whether the designated destination port(s)
should forward or drop the filtered traffic.
[protocol < ip | ipx | arp | dec-lat | appletalk | sna | netbeui >]
(5300xl only.) Specifies a protocol type. Traffic received
(on any port) with this protocol type will be filtered.
(Default: Forward on all ports.)
The no form of the command deletes the protocol filter
for the specified protocol and returns the destination
ports for that filter to the Forward action.
[< forward | drop > < port-list >]
Specifies whether the designated destination port(s)
should forward or drop the filtered traffic.
For example, suppose you wanted to configure the filters in table 9-3 on a
5300xl switch. (The 3400cl/6400cl switches allow only the source-port filter
shown as the first entry in table
9-3. For more on source-port filters, refer to
“Configuring a Source-Port Traffic Filter” on page 9-16.)
Table 9-3. Filter Example
Filter Type Filter Value Action Destination Ports
Source-Port Inbound ports: A1, A2*
Multicast 010000-123456
Multicast 010000-224466
Protocol Appletalk
Protocol ARP
Drop D1-D4
Drop C1-C24, D5-D10
Drop B1-B4
Drop C12-C18, D1
Drop D17, D21-D24
*Because the switch allows one inbound port in a source-port filter, the
requirement to filter ports A1 and A2 means you will configure two
separate source-port filters.
The following commands configure the filters listed above:
9-20
To Next Page
Loading...
Need help?
General