Nortel 4134 Guia Do Utilizador
112
Packet filter configuration
Variable
Value
[log {on|off}]
Allows a logging message to be reported to the user
when a rule match occurs (optional).
on: Turns on logging of matching packets.
off: Turns off logging the matching packet off
(default)
when a rule match occurs (optional).
on: Turns on logging of matching packets.
off: Turns off logging the matching packet off
(default)
[expire <expiry-time>]
Specifies the rule expiry time in seconds
[no]
Removes the specified packet filter.
Configuring MAC packet filters
Configure MAC packet filters to be applied to one or more interfaces.
Procedure steps
Step
Action
1
To enter configuration mode, enter:
configure terminal
2
To specify the name of the MAC packet filter to create or configure,
enter:
enter:
mac packet-filter <packet-filter-name>
3
To configure rules for the packet filter, enter:
[no] {add | insert <lineno>}
{permit | deny}
{<src-mac> <dst-mac>}
[smask <src-mask>] [dmask <dst-mask>]
[ethertype <ether-type>]
[cos <cos-value>]
[vlan <vlan-id>]
—End—
Table 42
Variable definitions
Variable definitions
Variable
Value
{permit | deny}
Specifies the action to perform when a packet
matches the filter rule:
permit: allow the packet to cross the filter
deny: drop the packet
matches the filter rule:
permit: allow the packet to cross the filter
deny: drop the packet
<src-mac>
Source MAC address.
<dst-mac>
Destination MAC address.
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.