Page 358 7750 SR OS Router Configuration Guide
Global Filter Commandsip-filter
Syntax [no] ip-filter filter-id [create]
Context config>filter
Description This command creates a configuration context for an IP filter policy.
IP-filter policies specify either a forward or a drop action for packets based on the specified match
criteria.
The IP filter policy, sometimes referred to as an access control list (ACL), is a template that can be
applied to multiple services or multiple network ports as long as the scope of the policy is template.
Any changes made to the existing policy, using any of the sub-commands, will be applied
immediately to all services where this policy is applied. For this reason, when many changes are
required on an ip-filter policy, it is recommended that the policy be copied to a work area. That work-
in-progress policy can be modified until complete and then written over the original filter policy. Use
the config filter copy command to maintain policies in this manner.
The no form of the command deletes the IP filter policy. A filter policy cannot be deleted until it is
removed from all SAPs or network ports where it is applied.
Parameters filter-id — Specifies the IP filter policy ID number.
Values 1 — 16384
create — Keyword required when first creating the configuration context. Once the context is
created, one can navigate into the context without the create keyword.
ipv6-filter
Syntax [no] ipv6-filter ipv6-filter-id [create]
Context config>filter
Description This command creates a configuration context for an IPv6 filter policy.
Parameters ipv6-filter-id — specifies the IPv6 filter policy ID number.
Values 1 — 16384
create — Keyword required when first creating the configuration context. Once the context is
created, one can navigate into the context without the create keyword.
mac-filter
Syntax [no] mac-filter filter-id [create]