Ip filters configuration elements, Ip filters configuration elements 250 – Cabletron Systems CSX1000 User Manual

Page 250

Advertising
background image

USER’S GUIDE

250 CyberSWITCH

5.

Select the device to which you want to apply the forwarding filter.

6.

Select IP Information.

7.

Select either IP Input Filter or IP Output filter.

8.

Provide the filter name.

IP F

ILTERS

C

ONFIGURATION

E

LEMENTS

The following elements are described in terms of the individual comparisons which make up the
packet types. When an IP packet is subjected to a filter, the following comparisons are executed.
The final result of the comparisons is a “match” if all comparisons are true, and a “no match”
otherwise.

IP A

DDRESSES

These elements allow filtering based on the IP Addresses, which are expressed in two dotted
decimal quantities, a Mask and a Target. The comparison entails the logical “AND” operation of
the packet’s IP Address and the specified Mask. The result of this operation is compared against
the Target in either an EQUAL (EQ) or NOT EQUAL (NEQ) operation for determining if a match
has occurred. The mask is used to create wild card or don’t care conditions for the address
comparison (‘1’ bits are significant and ‘0’ bits are don’t cares).

Examples:

IP P

ROTOCOL

This element applies a check to the Protocol field of the IP header using either an EQUAL or NOT
EQUAL comparison. Symbolic mnemonics are supplied for the most popular upper level protocols
(TCP, UDP, ICMP); when using an EQUAL comparison on these values, the corresponding
protocol-specific comparisons are then enabled. A numeric value N (an unsigned quantity between
0 and 255) can be used for any other protocol without a specific mnemonic. “ANY” can also be
specified as the protocol and is the default value, along with an EQUAL comparison, to yield the
wild card value.

0.0.0.0 EQ 0.0.0.0

Matches any IP address (wildcard and de-
fault).

255.255.255.0 EQ 128.131.23.0

If Class B network 128.131.0.0 is subnetted
with 8 bits, this comparison matches any
host on subnet 23.

255.255.255.0 NEQ 128.131.23.0

If Class B network 128.131.0.0 is subnetted
with 8 bits, this comparison matches any
host except those on subnet 23

255.255.255.255 EQ 128.131.23.59

Matches exactly the host 128.131.23.59

255.255.255.255 NEQ 128.131.23.59

Matches every host except 128.131.23.59

Advertising
This manual is related to the following products:

CSX1200

Popular Brands
Popular manuals