3Com OfficeConnect 3C100XF Cli User's Manual - page 216
27-6
C
HAPTER
27: P
ACKET
F
ILTERS
To create a filter file on your PC:
1
Open a new text file. Enter a file descriptor on the first line:
#filter
Be sure not to leave any blank space before the file descriptor. If you do, you’ll
cause an error to occur.
2
Enter a file section header followed by a colon for protocol rules you want to
define. For example, if you want to define IP filtering rules, enter the following
section header:
IP:
You can comment a section header out by placing a # (pound) sign before the
section header. This is useful to insert a placeholder for a protocol section you’ll be
defining in the future.
3
Enter the protocol rules for the protocol section you are defining. Observe the
following guidelines:
Begin each rule with a unique line number (1-999)
Arrange rules in increasing order within each protocol section
Arrange rules so that the rules you expect to be matched
most frequently
are
at the top of the list
Delimit each rule with a semi-colon (;)
For example:
#filter
IP:
010 ACCEPT src-addr = 128.100.033.001;
020 ACCEPT dst-addr = 200.135.038.009;
4
Add filtering action if different from the default value of PERMIT.
For example:
030 DENY;
5
Continue to define protocol rules for each protocol section you want to filter.
Then, visually inspect the file to ensure that it meets the requirements described in
this chapter.
This step is important, since you cannot edit the filter file from within the
OfficeConnect Gateway. To make any changes, you must modify the original filter
file on your PC, using a text editor, and TFTP the modified file back to the
OfficeConnect Gateway, replacing the original file.
Save the filter file using a .flt extension. The filter file extension will allow you to
differentiate the filter file from other files stored in FLASH memory.
6
Access the CLI on the OfficeConnect Gateway. Configure your PC as a TFTP client
by adding the following command:
add TFTP client