Basic configuration, Figure 27, Applying an ip filter to an ingress interface – Alcatel-Lucent 7750 SR OS User Manual
Page 308
Basic Configuration
Page 308
7750 SR OS Router Configuration Guide
Basic Configuration
The most basic IP, IPv6, and MAC filter policies must have the following:
•
A filter ID
•
Template scope, either exclusive or template
•
Default action, either drop or forward
•
At least one filter entry
→ Specified action, either drop or forward
→ Specified matching criteria
The following example displays a sample configuration of an IP filter policy. The configuration
blocks all incoming TCP session except Telnet and allows all outgoing TCP sessions from IP net
10.67.132.0/24.
depicts the interface to apply the filter.
A:ALA-1>config>filter# info
----------------------------------------------
ip-filter 3 create
entry 10 create
match protocol 6
dst-port eq 23
src-ip 10.67.132.0/24
exit
action forward
exit
entry 20 create
match protocol 6
tcp-syn true
tcp-ack false
exit
action drop
exit
exit
----------------------------------------------
A:ALA-1>config>filter#
Figure 27: Applying an IP Filter to an Ingress Interface
ALA-1
Ingress
Filter
TCP Connection
OSRG007