4 filter – Black Box LRA005A-R2 User Manual

ASYNC ROUTER AR-P, AR-5, AND SYNC ROUTER REFERENCE MANUAL

217

domain cache size [count]

Set or display the current number of domain names that the cache can hold.

count—Enter the maximum number of domain names. If this parameter is omitted, the current setting

is displayed.

4.4 filter

Configure/display IP filter information

Syntax

filter add name {

[-s {[src_addr/bits] [src_port]}]
[-d {[dest_addr/bits] [dest_port]}]
[-p proto]
[-l [{syslog | trap | both}]]
[-i iface]

[-f {inbound | outbound}]}
-t {allow | deny | nodial | unreach}
[-o {before | after} existing_name]

filter delete name
filter {enable | disable}
filter flush
filter move name [{before | after} existing_name]
filter spoof iface [{allow | deny}] [syslog] [trap]
filter status
filter try src_addr [-s port] dest_addr [-d port] [-p proto]

Description

The filter command configures or displays the Internet Protocol (IP) filters.

Subcommands and parameters

filter add name

The filter add subcommand adds filter expressions (FEs) to a list that is stored in prioritized order, with
the first position assigned the highest-priority filter expression. Incoming and outgoing datagrams are
checked against the entry in the highest-priority position first.

Several options to the filter add subcommand exist. Options, variables, and parameters are described

next. It is important to note that one of the following options is required:

-s, -d, -p, -l, -i, or -f

If an option has no default, and is not specified in the filter entry, no match is attempted for that field.

filter add name

name—A 1 to 6 character ASCII identifier chosen by the user to easily reference filter expressions. Each

filter expression must have a unique name. Names beginning with a “$” are reserved for system use
(as IP “firewall” filter names).

[-s {[src_addr/bits] [src_port]}]