27-6
C
HAPTER
27: P
ACKET
F
ILTERS
To create a filter file on your PC:
1
Open a new text file. Enter a file descriptor on the first line:
#filter
Be sure not to leave any blank space before the file descriptor. If you do, you’ll
cause an error to occur.
2
Enter a file section header followed by a colon for protocol rules you want to
define. For example, if you want to define IP filtering rules, enter the following
section header:
IP:
You can comment a section header out by placing a # (pound) sign before the
section header. This is useful to insert a placeholder for a protocol section you’ll be
defining in the future.
3
Enter the protocol rules for the protocol section you are defining. Observe the
following guidelines:
Begin each rule with a unique line number (1-999)
Arrange rules in increasing order within each protocol section
Arrange rules so that the rules you expect to be matched
most frequently
are
at the top of the list
Delimit each rule with a semi-colon (;)
For example:
#filter
IP:
010 ACCEPT src-addr = 128.100.033.001;
020 ACCEPT dst-addr = 200.135.038.009;
4
Add filtering action if different from the default value of PERMIT.
For example:
030 DENY;
5
Continue to define protocol rules for each protocol section you want to filter.
Then, visually inspect the file to ensure that it meets the requirements described in
this chapter.
This step is important, since you cannot edit the filter file from within the
OfficeConnect Gateway. To make any changes, you must modify the original filter
file on your PC, using a text editor, and TFTP the modified file back to the
OfficeConnect Gateway, replacing the original file.
Save the filter file using a .flt extension. The filter file extension will allow you to
differentiate the filter file from other files stored in FLASH memory.
6
Access the CLI on the OfficeConnect Gateway. Configure your PC as a TFTP client
by adding the following command:
add TFTP client <hostname or IP address>
Содержание OfficeConnect 3C100XF
Страница 1: ...http www 3com com OfficeConnect Gateway CLI User s Guide Release 1 0 Part No 10042302 Rev AA ...
Страница 14: ...xiv ...
Страница 18: ...iv ABOUT THIS GUIDE ...
Страница 30: ...1 12 CHAPTER 1 USING THE COMMAND LINE INTERFACE CLI ...
Страница 50: ...3 14 CHAPTER 3 ADMINISTRATIVE CLI COMMANDS ...
Страница 58: ...4 8 CHAPTER 4 CONFIGURING AND MANAGING USERS ...
Страница 70: ...6 8 CHAPTER 6 BRIDGING COMMANDS ...
Страница 78: ...8 4 CHAPTER 8 INTERFACE COMMANDS ...
Страница 82: ...9 4 CHAPTER 9 ARP COMMANDS ...
Страница 88: ...11 4 CHAPTER 11 DHCP COMMANDS ...
Страница 124: ...12 36 CHAPTER 12 IP ROUTING COMMANDS ...
Страница 134: ...13 10 CHAPTER 13 DNS COMMANDS ...
Страница 142: ...15 6 CHAPTER 15 MULTICASTING AND IGMP COMMANDS ...
Страница 160: ...17 8 CHAPTER 17 PPP COMMANDS ...
Страница 182: ...21 6 CHAPTER 21 ADDRESS TRANSLATION COMMANDS ...
Страница 186: ...22 4 CHAPTER 22 IPSEC COMMANDS ...
Страница 188: ...23 2 CHAPTER 23 SECURITY ASSOCIATION SA COMMANDS ...
Страница 192: ...24 4 CHAPTER 24 TCP COMMANDS ...
Страница 204: ...25 12 CHAPTER 25 SNMP COMMANDS ...
Страница 210: ...26 6 CHAPTER 26 IP FILTERS COMMANDS ...
Страница 238: ...29 6 CHAPTER 29 TRACEROUTE COMMANDS ...
Страница 255: ...xv RFC 1483 16 3 RFC 1483 MER 16 4 ...
Страница 256: ...xvi ...
Страница 260: ......