data:image/s3,"s3://crabby-images/4bdb2/4bdb215684c97a10b76aba9ed9cc88e12aa13d93" alt=""
Creating Filters Using Command Line Interface
3You can comment a section header out by placing a # sign before the section header. This is useful if you want to insert a placeholder for a protocol section you will define in the future.
4Enter the protocol rules for the protocol section you are defining. Observe the following guidelines.
Begin each rule with a unique line number ranging from 1 - 10.
Arrange rules in increasing line number order within each protocol section.
Arrange rules so that the rules you expect to be matched most frequently are
toward the top of the list
Delimit each rule with a
IP 1 ACCEPT src-addr = 128.100.33.1;
2ACCEPT dst-addr = 200.135.38.9;
999DENY;
5Continue to define protocol rules for each protocol section you want to filter.
6Inspect the file to ensure that it meets all filtering rules.
7This step is important since you cannot edit the filter file from within the CLI. To edit the file, you must modify the it using a text editor, TFTP the modified file into the FLASH (replacing the original file) and verify the filter using the verify filter command.
8Save the filter file using a 12.3 FLT extension. The filter file extension will allow you to differentiate the filter file from other files stored in the router FLASH memory.
9You can use the list files command to ensure the filter file was successfully stored in the router FLASH memory.
10Configure a PC as a Trivial File Transfer Protocol (TFTP) client of the router by entering add TFTP client <hostname or IP address>.
To use CLI, see the CLI User’s Guide for instructions for connecting the console cable and communicating with the OfficeConnect Remote 812 using a terminal emulator like Microsoft’s HyperTerminal.
11From a machine that has access to the same network as the router, use a TFTP command to transfer the filter file to the router FLASH memory. For example, from the workstation command line enter:
tftp <OfficeConnect Remote 812 IP address> put <filter filename>
12The router does not recognize a filter file stored in its FLASH memory until you add it to the managed filter table. To notify the unit about the filter file for the first time, you must issue the CLI command add filter <name> to add the filter to the managed filter table. When the filter is added, the unit automatically verifies the filter file syntax. If you modified a file that had already been added, use the delete filter <name> command to remove the old file before TFTPing the new file. Then use the add filter <name> command again.
13If the syntax is valid, no message is generated and the command prompt returns. If the syntax is not valid, error messages are generated detailing the source of the errors.
14Apply the filter to the appropriate interface or VC / remote site profile. After replacing a file, you need to