Cisco Systems OL-7396-01 Manual De Usuario

Filter Switch(config)# atm filter-set filter_1 permit default

Filter Switch(config)# atm filter-expr exp1 src filter_1

Filter Switch(config)# 

Filter Switch(config)# interface atm 1/0/0

Filter Switch(config-if)# atm access-group exp1 in

Filter Switch(config-if)# end

Filter Switch# show atm filter-set

ATM filter set filter_1

  deny   47.0091.8100.0000.2222.2222.ffff...  index 1

  permit default  index 2

Filter Switch# show atm filter-expr

exp1 = src filter_1

IP packet filtering helps control packet movement through the network. Such control can help limit 
network traffic and restrict network use by certain users or devices. To permit or deny packets from 
crossing specified IP interfaces, Cisco provides access lists. 

You can use access lists for the following reasons:

Control the transmission of packets on an IP interface

Control virtual terminal line access

Restrict contents of routing updates

This section summarizes how to create IP access lists and how to apply them.

This section applies to the IP interfaces only.

An access list is a sequential collection of permit and deny conditions that apply to IP addresses. The 
ATM switch router software tests addresses against the conditions in an access list one by one. The first 
match determines whether the software accepts or rejects the address. Because the software stops testing 
conditions after the first match, the order of the conditions is critical. If no conditions match, the 
software rejects the address. 

The two steps involved in using access lists follow:

Create an access list by specifying an access list number and access conditions.

Apply the access list to interfaces or terminal lines.

These steps are described in the following sections:

The ATM switch router software supports three styles of access lists for IP interfaces:

Standard IP access lists use source addresses for matching operations.