12-7
Traffic/Security Filters and Monitors
Filter Types and Operation
A named source-port filter must first be defined and configured before it can
be applied. In the following example two named source-port filters are
defined, web-only and accounting.
HP Switch(config)# filter source-port named-filter web-
only
HP Switch(config)# filter source-port named-filter
accounting
By default, these two named source-port filters forward traffic to all ports and
port trunks.
To configure a named source-port filter to prevent inbound traffic from being
forwarded to specific destination switch ports or port trunks, the drop option
is used. For example, on a 26-port switch, to configure the named source-port
filter web-only to drop any traffic except that for destination ports 1 and 2, the
following command would be used:
HP Switch(config)# filter source-port named-filter web-
only drop 3-26
A named source-port filter can be defined and configured in a single command
by adding the drop option, followed by the required destination-port-list.
Syntax: filter source-port named-filter <filter-name > drop < destination-port-list >
Configures the named source-port filter to drop traffic having
a destination on the ports and/or port trunks in the <
destination-port-list >. Can be followed by the forward option
if you have other destination ports or port trunks previously
set to drop that you want to change to forward. For example:
filter source-port named-filter <filter-name > drop < destina-
tion-port-list > forward < destination-port-list>
The destination-port-list may contain ports, port trunks, and
ranges (for example 3-7 or trk4-trk9) separated by commas.
Syntax: filter source-port named-filter <filter-name > forward
< destination-port-list >
Configures the named source-port filter to forward traffic
having a destination on the ports and/or port trunks in the
<destination-port-list>. Since “forward” is the default state for
destinations in a filter, this command is useful when
destinations in an existing filter are configured for “drop”
and you want to change them to ”forward”. Can be followed
by the drop option if you have other destination ports set to
forward that you want to change to drop. For example:
filter source-port named-filter <filter-name > forward <
destination-port-list > drop < destination-port-list >
To Next Page
Loading...
