The default filter, The default filter 173, Figure 7-3 – Nortel Networks WEB OS 212777 User Manual

Web OS 10.0 Application Guide

Chapter 7: Filtering

n

173

212777-A, February 2002

The Default Filter

Before filtering can be enabled on any given port, a default filter should be configured. This
filter handles any traffic not covered by any other filter. All the criteria in the default filter must
be set to the full range possible (

any

). For example:

Figure 7-3 Assigning a Default Filter

In this example, the default filter is defined as Filter 224 in order to give it the lowest order of
precedence. All matching criteria in Filter 224 are set to the

any

state. If no other filter acts on

the traffic, Filter 224 processes it, denying and logging unwanted traffic.

Default filters are recommended (but not required) when configuring filters for IP traffic con-
trol and redirection. Using default filters can increase session performance but takes some of
the session binding resources. If you experience an unacceptable number of binding failures, as
shown in the Server Load Balancing Maintenance Statistics (

/stats/slb/maint

), you

may wish to remove some of the default filters.

>> # /cfg/slb/filt 224

(Select the default filter)

>> Filter 224# sip any

(From any source IP addresses)

>> Filter 224# dip any

(To any destination IP addresses)

>> Filter 224# proto any

(For any protocols)

>> Filter 224# action deny

(Deny matching traffic)

>> Filter 224# name deny unwanted traffic

(Provide a descriptive name for the

filter)

>> Filter 224# ena

(Enable the default filter)

>> Filter 224# adv

(Select the advanced menu)

>> Filter 224 Advanced# log enable

(Log matching traffic to syslog)

Allow

Redirect

Filtering by Destination IP Address Ranges

Deny

0.0.0.0

255.255.255.255

Filter 1

Filter 224

Filter 2