Filter Policies
7705 SAR OS Router Configuration Guide 317
Modifying an IP Filter Policy
To access a specific IPv4 or IPv6 filter, you must specify the filter ID. Use the no form of the
command to remove the command parameters or return the parameter to the default setting.
Example: config>filter>ip-filter# description "New IP filter
info"
config>filter>ip-filter# entry 2 create
config>filter>ip-filter>entry# description "new entry"
config>filter>ip-filter>entry# action drop
config>filter>ip-filter>entry# match dst-ip
10.10.10.104/32
config>filter>ip-filter>entry# exit
config>filter>ip-filter#
Example: config>filter>ipv6-filter# description "IPv6 filter
info"
config>filter>ipv6-filter# entry 3 create
config>filter>ipv6-filter>entry# description "new entry"
config>filter>ipv6-filter>entry# action drop
config>filter>ipv6-filter>entry# match dst-ip
10::12/128
config>filter>ipv6-filter>entry# exit
config>filter>ipv6-filter#
The following output displays a modified IP filter output.
A:ALU-7>config>filter# info
----------------------------------------------
..
ip-filter 11 create
description "New IP filter info"
scope exclusive
entry 1 create
match
dst-ip 10.10.10.0/29
src-ip 10.10.10.106/24
exit
action drop
exit
entry 2 create
description "new entry"
match
dst-ip 10.10.10.104/32
exit
action drop
exit
entry 15 create
description "no-91"
match
dst-ip 10.10.10.91/24
src-ip 10.10.10.10/32
To Next Page
Loading...
