Lucent Technologies PortMaster Manual Do Utilizador
9-1
Configuring Filters
9
This chapter describes how to configure input and output packet filters. IP, IPX, and
Service Advertising Protocol (SAP) rules are reviewed, and filter examples are given.
You can also use the ChoiceNet application to filter IP packets by lists of sites rather than
by individual IP addresses. For more information on ChoiceNet, see the ChoiceNet
Administrator’s Guide.
Service Advertising Protocol (SAP) rules are reviewed, and filter examples are given.
You can also use the ChoiceNet application to filter IP packets by lists of sites rather than
by individual IP addresses. For more information on ChoiceNet, see the ChoiceNet
Administrator’s Guide.
This chapter discusses the following topics:
•
•
•
•
•
•
Each topic in this chapter includes examples of filters used to accomplish the goal
described.
described.
See the PortMaster Command Line Reference for more detailed command descriptions and
instructions.
instructions.
Overview of PortMaster Filtering
Packet filters can increase security and decrease traffic on your network. Filters can be
used to limit certain kinds of internetwork communications by permitting or denying
the passage of packets through network interfaces. By creating appropriate filters, you
can control access to specific hosts, networks, and network services.
used to limit certain kinds of internetwork communications by permitting or denying
the passage of packets through network interfaces. By creating appropriate filters, you
can control access to specific hosts, networks, and network services.
Security on your network can be enhanced by limiting authorized activities to certain
hosts. For example, you can restrict the DNS and SMTP interchange with the Internet to
a well-secured host on your network. All Internet hosts can then access only this single
server for those services. If you have several name servers or mail servers, you can use
additional rules to allow access to these servers.
hosts. For example, you can restrict the DNS and SMTP interchange with the Internet to
a well-secured host on your network. All Internet hosts can then access only this single
server for those services. If you have several name servers or mail servers, you can use
additional rules to allow access to these servers.