Traffic/Security Filters
Configuring Traffic/Security Filters
Figure 9-6. Example of Switch Response to Adding a Filtered Source Port to a Trunk
Editing a Source-Port Filter
The switch includes in one filter the action(s) for all destination ports and/or
trunks configured for a given source port or trunk. Thus, if a source-port filter
already exists and you want to change the currently configured action for
some destination ports or trunks, use the filter source-port command to update
the existing filter. For example, suppose you configure a filter to drop traffic
received on port 8 and destined for ports 1 and 2. The resulting filter is shown
on the left in figure
9-7. Later, you update the filter to drop traffic received on
port 8 and destined for ports 3 through 5. Since only one filter exists for a given
source port, the filter on traffic from port 8 appears as shown on the right in
figure
9-7:
Figure 9-7. Assigning Additional Destination Ports to an Existing Filter
Configuring a Multicast or Protocol Traffic
Filter (5300xl Switches Only)
Syntax: [no] filter
[multicast < mac- address >]
(5300xl only.) Specifies a multicast address. Inbound
traffic received (on any port) with this multicast address
will be filtered. (Default: Forward on all ports.)
The no form of the command deletes the multicast filter
for the < mac-address > multicast address and returns the
destination ports for that filter to the Forward action.
9-19
To Next Page
Loading...
