Filter Examples
27-11
Showing Filter File
Contents
show filter <filter_name>
Use this command to view the contents of a filter file that has been added to the
managed list of filters
For example, to view the contents of the filter file no_spam.flt, you would enter
the following:
show filter no_spam.flt
You can also display the contents of a filter file by protocol. To display the contents
of the filter file no_spam.flt for the IP-RIP protocol, you would enter the following:
show filter no_spam.flt protocol IP-RIP
Generating SYSLOG
Messages for Filtered
Packets
You can save part of a filtered packet to a configured SYSLOG server, allowing you
to track down a potentially malicious user.
set packet_logging
logging [all
|
none]
packet size [0-493 bytes]
The following table describes the parameters:
Filter Examples
This section briefly describes IP packet filtering options, and provides rule examples
for each IP packet filtering capability. This section includes the following topics:
Source and Destination Address Filtering
Masks
TCP and UDP Parameter Filtering
IP RIP Packet Filtering
ICMP Packet Filtering
Source and Destination
Address Filtering
Source and destination address filtering is generally used to limit permitted access
to trusted hosts and networks only, and to explicitly deny access to hosts and
networks that are not trusted, or to limit external access to a given host (for
example, a Web server or a firewall).
The following filter file rule example would reject forwarding IP packets with a
source address of 192.77.100.32:
#filter
IP:
010 REJECT src-addr = 192.77.100.32;
Parameter
Description
All
Creates SYSLOG messages for all filtered packets
None
No SYSLOG messages generated
0 - 493 bytes
Use a number between 0 and 493 to specify how many bytes of
the discarded packet to send to SYSLOG
Содержание OfficeConnect 3C100XF
Страница 1: ...http www 3com com OfficeConnect Gateway CLI User s Guide Release 1 0 Part No 10042302 Rev AA ...
Страница 14: ...xiv ...
Страница 18: ...iv ABOUT THIS GUIDE ...
Страница 30: ...1 12 CHAPTER 1 USING THE COMMAND LINE INTERFACE CLI ...
Страница 50: ...3 14 CHAPTER 3 ADMINISTRATIVE CLI COMMANDS ...
Страница 58: ...4 8 CHAPTER 4 CONFIGURING AND MANAGING USERS ...
Страница 70: ...6 8 CHAPTER 6 BRIDGING COMMANDS ...
Страница 78: ...8 4 CHAPTER 8 INTERFACE COMMANDS ...
Страница 82: ...9 4 CHAPTER 9 ARP COMMANDS ...
Страница 88: ...11 4 CHAPTER 11 DHCP COMMANDS ...
Страница 124: ...12 36 CHAPTER 12 IP ROUTING COMMANDS ...
Страница 134: ...13 10 CHAPTER 13 DNS COMMANDS ...
Страница 142: ...15 6 CHAPTER 15 MULTICASTING AND IGMP COMMANDS ...
Страница 160: ...17 8 CHAPTER 17 PPP COMMANDS ...
Страница 182: ...21 6 CHAPTER 21 ADDRESS TRANSLATION COMMANDS ...
Страница 186: ...22 4 CHAPTER 22 IPSEC COMMANDS ...
Страница 188: ...23 2 CHAPTER 23 SECURITY ASSOCIATION SA COMMANDS ...
Страница 192: ...24 4 CHAPTER 24 TCP COMMANDS ...
Страница 204: ...25 12 CHAPTER 25 SNMP COMMANDS ...
Страница 210: ...26 6 CHAPTER 26 IP FILTERS COMMANDS ...
Страница 238: ...29 6 CHAPTER 29 TRACEROUTE COMMANDS ...
Страница 255: ...xv RFC 1483 16 3 RFC 1483 MER 16 4 ...
Страница 256: ...xvi ...
Страница 260: ......