Creating Filters Using Command Line Interface
6-35
1 ACCEPT generic=>origin=FRAME/offset=12/length=2/mask=0xFFFF/value=0x0800;
# Allow ARP traffic
2 ACCEPT generic=>origin=FRAME/offset=12/length=2/mask=0xFFFF/value=0x0806;
# Allow IPX traffic
3 ACCEPT generic=>origin=FRAME/offset=12/length=2/mask=0xFFFF/value=0x8136;
4 ACCEPT generic=>origin=FRAME/offset=12/length=2/mask=0xFFFF/value=0x8137;
999 DENY;
Step by Step Guide to
Creating Filter Files
Using CLI
You can create filter files using any text editor. Once the file is created, use the
Trivial File Transfer Protocol (TFTP) to place the filter file in the router FLASH
memory.
To create a filter file using CLI:
1
Open a new text file. Enter the file descriptor on the first line:
#filter
2
Enter a file section header followed by a colon for the protocol rules you want to
define. For example, if you want to define IP filtering rules, enter the following
section header:
IP:
3
You can comment a section header out by placing a # sign before the section
header. This is useful if you want to insert a placeholder for a protocol section you
will define in the future.
4
Enter the protocol rules for the protocol section you are defining. Observe the
following guidelines.
■
Begin each rule with a unique line number ranging from 1 - 10.
■
Arrange rules in increasing line number order within each protocol section.
■
Arrange rules so that the rules you expect to be matched most frequently are
toward the top of the list
■
Delimit each rule with a semi-colon. Example:
IP 1 ACCEPT src-addr = 128.100.33.1;
2 ACCEPT dst-addr = 200.135.38.9;
999 DENY;
5
Continue to define protocol rules for each protocol section you want to filter.
6
Inspect the file to ensure that it meets all filtering rules.
7
This step is important since you cannot edit the filter file from within the CLI. To
edit the file, you must modify the it using a text editor, TFTP the modified file into
the FLASH (replacing the original file) and verify the filter using the verify filter
command.
8
Save the filter file using a 12.3 FLT extension. The filter file extension will allow you
to differentiate the filter file from other files stored in the router FLASH memory.
9
You can use the list files command to ensure the filter file was successfully stored
in the router FLASH memory.
10
Configure a PC as a Trivial File Transfer Protocol (TFTP) client of the router by
entering
add TFTP client
<hostname or IP address>
.
To use CLI, see the CLI User’s Guide for instructions for connecting the console
cable and communicating with the OfficeConnect Remote 812 using a terminal
emulator like Microsoft’s HyperTerminal.
Summary of Contents for OfficeConnect 3CP4144
Page 1: ...http www 3com com OfficeConnectTM Remote 812 ADSL Router CLI User s Guide Release 1 1 ...
Page 20: ...2 4 CHAPTER 2 CLI COMMAND CONVENTIONS AND TERMINOLOGY ...
Page 30: ...4 8 CHAPTER 4 QUICK SETUP ...
Page 36: ...5 6 CHAPTER 5 QUICK VC SETUP ...
Page 76: ...6 40 CHAPTER 6 MANUAL SETUP ...