Nortel 4134 用户指南
Deleting rules from packet filters
113
Variable
Value
[smask <src-mask>]
Specifies MAC source mask.
[dmask <dst-mask>]
Specifies MAC destination mask.
[ethertype <ether-type>]
Specifies the Ethernet type: arp, mpls, aarp, ppp or
Ethernet type value in hex.
Ethernet type value in hex.
[cos <cos-value>]
CoS value. Range is 0-7.
[vlan <vlan-id>]
Specifies the VLAN ID. Range is 1-4000.
[no]
Removes the specified packet filter.
Applying a packet filter to an interface
Apply a packet filter to an interface. With WAN modules and chassis
Ethernet ports, you can apply one IPv4 and one IPv6 packet filter to an
interface in either direction (you cannot enable the IPv4 packet filter and the
firewall on the same interface). With Ethernet module interfaces, you can
apply one IPv4, one IPv6, and one MAC packet filter in the inbound direction
only (no restrictions related to firewalls apply).
Ethernet ports, you can apply one IPv4 and one IPv6 packet filter to an
interface in either direction (you cannot enable the IPv4 packet filter and the
firewall on the same interface). With Ethernet module interfaces, you can
apply one IPv4, one IPv6, and one MAC packet filter in the inbound direction
only (no restrictions related to firewalls apply).
Procedure steps
Step
Action
1
To enter configuration mode, enter:
configure terminal
2
Apply an existing packet filter rule set to the interface, enter:
packet-filter-group <interface-name> [in | out] {[mac
<mac-packet-filter>] | [ip <ip-packet-filter>] | [ipv6
<ipv6-packet-filter>]}
—End—
Deleting rules from packet filters
Delete rules from configured packet filters.
Procedure steps
Step
Action
1
To enter configuration mode, enter:
configure terminal
2
To specify the packet filter to create or configure, enter:
{mac | ip | ipv6} packet-filter <packet-filter-name>
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.