Black Box LRA005A-R2 User Manual
Page 199
ASYNC ROUTER AR-P, AR-5, AND SYNC ROUTER REFERENCE MANUAL
199
Use the ripfilter command to configure and modify RIP filters. If enabled, all incoming and outgoing RIP
packets are filtered through RIP filters. There are three IPX filter lists:
• General (filter command)
• RIP (ripfilter command)
• SAP (sapfilter command)
Packets are checked for filter matches using these three lists in the order: general list, RIP list, SAP list.
Filtering restrictions apply to packets destined for the Router and those transitioning through the
Router. The result of passing a packet to the filtering module is a decision to allow or deny further
processing of the packet. The next hop is not considered.
Filtering is based on a prioritized list of filter expressions or FEs. Filter expressions are added to the
Router through use of the filter, ripfilter and sapfilter commands. The action specified in the first filter
expression found in the Filter list that matches the packet in question is applied.
All IPX filtering is disabled by default. Filtering takes effect when the enable command for a filter list
(General, RIP, or SAP) is entered by the user. Filter-list entries stay in place across reboots only if the
config save command is entered before restarting.
There is no notion of filter modes. The filter list can be a mix of allowed and denied
address/protocol/port/interface/flag/direction specifications.
The default action if no match is found is to allow the packet. A user can override this by specifying a
filter expression with wildcard address entries as the lowest priority filter expression.
Subcommands and parameters
ripfilter add name
Adds an RIP packet filter of name name.
name—A 1- to 6-character ASCII identifier chosen by the user to easily reference filter expressions.
Each filter expression must have a unique name.
[-i iface [/frame_type]]—Specify a legal interface. See the general description of interfaces at the
beginning of this chapter for more information.
iface—eth0, modem0-4, sync0
frame_type—Specified as part of the interface, and can be either 802.3, 802.2, SNAP or II (for
Ethernet Type 2). Use a slash to separate the iface from the frame_type, for example, eth0/802.2. If
left unspecified, the default frame_type is 802.3.
[-q query_type]—Specify the type of query.
query_type—Enter either request or response. If the query_type is not specified, it is assumed to be
both, for example, request and response.
[-n server_name]}—Specify the server name.
server_name—Name the server using an ASCII string of up to 48 characters. If server_name is not
specified, then it is assumed to be null (any server name).
-t {allow | deny | nodial}