Ip route filter rule options, Ip route filter rule modifiers – Compatible Systems 5.4 User Manual
Page 193
Chapter 11 - TCP/IP Filtering
187
IP Route Filter Rule Options
A direction can optionally be specified with in, out or both. If no direction is
specified, both is assumed.
•
Filter rules specifying in are only applied to routing packets coming into
the device.
•
Filter rules specifying out are only applied to routing packets being sent
from the device.
•
Filter rules specifying both are applied to routing packets in both direc-
tions.
IP Route Filter Rule Modifiers
Filter rules can be modified with the following parameters. When used, the
modifiers must be put in a filter rule in the order shown below. By default, a
filter rule is applied to all routing data.
•
via <protocol(s)> This modifier specifies that the filtering rule should
only be applied to routing data being received or transmitted by the
designated routing protocol. Allowed values are icmp, rip, and ripv2.
Multiple protocols may be listed, each separated by white space. The
icmp keyword implies redirected routes.
•
origin <protocol(s)> This modifier limits output rules to routes origi-
nating from the designated protocol. Allowed values are icmp, rip,
ripv2, static, and direct. Multiple protocols may be listed, each sepa-
rated by white space.
•
metricin <increment value> This modifier tells the device to increment
the metric on incoming routes which match the filter rule. The metric is
the number of routers on a route. By increasing or decreasing the metric,
a particular route can be made more or less attractive. The value to incre-
ment by can be from 1 to 15.
•
metricout <increment value> This modifier tells the device to increment
the metric on outgoing routes which match the filter rule. The metric is
the number of routers on a route. By increasing or decreasing the metric,
a particular route can be made more or less attractive. The value to incre-
ment by can be from 1 to 15.
•
from <IP address> or from <interface> This modifier tells the device to
apply the rule only to routes coming from a specified IP address (where
the address is in the same format as discussed above), or interface (e.g.
Ethernet 0, WAN 1, etc.).
•
to <IP address> or to <interface> This modifier tells the device to apply
the rule only to routes being sent to a specified IP address (where the
address is in the same format as discussed above), or interface (e.g.
Ethernet 0, WAN 1, etc.).