Security—“filter if source, Programmable filtering – Perle Systems IOLINK-PRO IOLINK-520 User Manual

Page 66

Advertising
background image

Programmable Filtering

IOLINK-PRO & 520 Reference Manual —

B.3

Security—“Filter if Source”

Filter if Source is a function that allows you to filter an Ethernet frame if the source address of the frame equals the

address that the Filter if Source function has been applied to.

Example:

Assume that a Personal Computer is located on segment 1 on the local bridge/router. This station is a community

station that various departments may use for general processing. However, this station may only access those services

that exist on its local segment, and it must be restricted from accessing any services on remote LANs. This can be

easily accomplished with a “Filter if Source.”

The Ethernet Address for this Personal Computer is: 01-02-03-04-05-06

Again, this address uniquely identifies this computer station.

To configure the bridge/router to ensure that this station is unable to access facilities on a remote LAN segment,

follow the instructions below:

1

From the MAIN MENU of the console of the local bridge/router, enter a 1.
(Enter a “=“ from any menu to go back to the MAIN MENU.)

This will place you at the CONFIGURATION MENU, where access to the filtering menu is obtained.

2

From the CONFIGURATION MENU, enter an 8.
This will place you at the FILTER SET-UP MENU, where access to the individual filtering menus is

obtained.

3

From the FILTER SET-UP MENU, enter a 1.
This will place you at the MAC ADDRESS FILTERS MENU, where access to the MAC Address filters is

obtained.

4

From the MAC ADDRESS FILTERS MENU, make sure that the Filter Operation is currently set to

“positive.”
This will cause the MAC Address Filters specified to be used for filtering frames with the specified MAC

addresses.

5

From the MAC ADDRESS FILTERS MENU, enter a 1.
This will place you at the first EDIT MAC ADDRESS FILTER MENU screen.

At the prompt enter the MAC address for which you want to specify the filter.

6

Enter the 12-digit Ethernet address of the Personal Computer system in the following format:

010203040506 (enter a Return)

The edit screen will fill in the information that the table knows about this address. For this example, let us

assume that it knows that the address status is [not present] and is of [unknown] location.

In this example, the bridge/router is not aware of this station as of yet. The station has probably not been

active for the bridge/router to “learn” any information about it.

Therefore, you will have to tell the bridge/router a little bit more about the station.

7

Enter a 2 to enter the location of the station.

Advertising
Popular Brands
Popular manuals