ASYNC ROUTER AR-P, AR-5, AND SYNC ROUTER REFERENCE MANUAL

domain cache size [count]

Set or display the current number of domain names that the cache can hold.

count—Enter the maximum number of domain names. If this parameter is omitted, the current setting is displayed.

4.4 filter

Configure/display IP filter information

Syntax

filter add name { [-s{[src_addr/bits] [src_port]}] [-d{[dest_addr/bits] [dest_port]}] [-pproto]

[-l [{syslog trap both}]] [-i iface]

[-f {inbound outbound}]}

-t {allow deny nodial unreach} [-o {before after} existing_name]

filter delete name filter {enable disable} filter flush

filter move name [{before after} existing_name] filter spoof iface [{allow deny}] [syslog] [trap] filter status

filter try src_addr [-sport] dest_addr [-dport] [-pproto]

Description

The filter command configures or displays the Internet Protocol (IP) filters.

Subcommands and parameters

filter add name

The filter add subcommand adds filter expressions (FEs) to a list that is stored in prioritized order, with the first position assigned the highest-priority filter expression. Incoming and outgoing datagrams are checked against the entry in the highest-priority position first.

Several options to the filter add subcommand exist. Options, variables, and parameters are described next. It is important to note that one of the following options is required:

-s, -d, -p, -l, -i, or -f

If an option has no default, and is not specified in the filter entry, no match is attempted for that field.

filter add name

name—A 1 to 6 character ASCII identifier chosen by the user to easily reference filter expressions. Each filter expression must have a unique name. Names beginning with a “$” are reserved for system use (as IP “firewall” filter names).

[-s{[src_addr/bits] [src_port]}]

217

Page 217
Image 217
Black Box LRA005A-R2, LRS002A-R2 217, Syslog trap both -i iface Inbound outbound, P, -l, -i, or -f, Ssrcaddr/bits srcport