3com 2200 用户手册

This chapter describes how to use address and port groups as filtering 
criteria in a packet filter, and how to administer address and port groups.

You can use address groups (a list of MAC addresses) and port groups (a list 
of Switch 2200 Ethernet and FDDI ports) as filtering criteria in a packet filter. 

For more information about address and port group concepts, see Chapter 
7: User-defined Packet Filtering in the SuperStack™ II Switch 2200 
Operation Guide. 

A packet filter uses a group to make filtering decisions by accessing the 
group’s source group mask and destination group mask. You reference these 
group masks using the opcodes SAGM (source address group mask), DAGM 
(destination address group mask), SPGM (source port group mask), and 
DPGM (destination port group mask). Here are some examples of using 
address and port groups in packet filters. 

In this example, the filter only forwards packets among stations that are 
within the same address group.

Name

“Accept Same Source and Destination”

pushSAGM

# Get source address group mask

pushDAGM

# Get destination address

# group mask

and

# Compare if source address and 

# destination address are common 

# members of an address group (result 

# is either zero or non-zero)

pushLiteral.l

0

# Put a zero on the stack

ne

# If not equal, returns a “one” to 

# stack, resulting in packet 

# forwarded