beautypg.com

Enterasys Networks ENTERASYS ATX User Manual

Page 56

background image

Using ATX Port Filtering

4-6

Editing the Port Filters Table

flow as an aid in determining your network design or usage policies before
actually reconfiguring the network.

NO (the default) indicates that you want to create an actual filter.

4.

You can use Boolean AND/OR operators to logically link a series of filters
together for packets received on the defined port.

Port filters are maintained in a table. Each filter that you define is assigned an
index number in the table — incrementing the previous index number by one.
Port filtering is a one pass, sequential operation — that is, when a packet
enters a port, it is checked against each filter defined for that port in turn and
then filtered or forwarded, as appropriate.

When filters are defined for the

same port number and Entry or Exit value, you

can use Boolean operators to group two or more filters together so they act as
a single filter, or to indicate that a filter be treated as an individual entity.

By linking Port filters with a Boolean AND operator, a packet must meet the
condition of this filter, as well as any succeeding filters linked by ANDs that
have been defined for the specified port and have the same Entry or Exit
value. For example, if an entry filter set to screen AppleTalk packets is ANDed
with an entry filter set to screen packets with a broadcast address, the
cumulative effect of the filters will only screen broadcast AppleTalk packets,
letting other broadcast or AppleTalk packets be forwarded from the port.

When a Port filter is given a Boolean OR operator, a packet received on the
defined port is only checked against the conditions set in the single filter. If the
two filters mentioned previously had an OR operator between them,

all

broadcast packets and

all AppleTalk packets would be filtered from being

forwarded through the port.

Click on the Boolean Operator: AND/OR button to determine whether this
filter will be combined with other filters with the same Entry or Exit value that
are defined for the same port.

a.

Toggle the button to AND as the Boolean operator to filter packets by
using this filter and the succeeding Port Filter (as entered in the Port
Filters list) for same port.

b.

Toggle the button to OR (the default) to filter packets based only on the
criteria specified within this filter.

5.

To use a range of Source Addresses as a filter criteria:

a.

In the Filter Parameters section, click on the Source Address Range
check box to activate the Source Address Range text fields.

b.

Indicate whether you want the specified address range to be exclusive or
inclusive for filtering purposes.

1.) Click to activate (highlight) the Not In Range check box if you want to

filter on any source address outside of the specified range.