ASYNC ROUTER AR-P, AR-5, AND SYNC ROUTER REFERENCE MANUAL

ifaceeth0, modem0-4, sync0

[-f {inbound outbound}]

Specify the flow direction to which an entry applies.

Filter entries may be created to restrict inbound, outbound, or traffic flowing in both directions. The default value is both.

-t {allow deny nodial unreach}

Specify the type of filter.

allow—allows any packet that matches the filter specification to pass through.

deny—drops any packet that matches the filter specification.

nodial—only drops packets that cause the destination interface to dial. Otherwise, the packet is passed on. Use this option to prevent hosts outside the organization from initiating a call on your phone line and causing unnecessarily expensive phone bills.

unreach—drops the packet and returns a “Destination Unreachable” packet to the sender.

[-o {before after} existing_name]

Specifies order, and thus priority, of filters in the list.

The default position is at the end. The first entry is highest priority.

before—Position the filter expression name before the filter expression existing_name in the FE list.

after—Position the filter expression name after the filter expression existing_name in the FE list.

existing_name—The name of a filter expression currently residing in the FE priority list which you want to use to orient the placement of a new FE in the list of filter priorities.

filter delete name

The filter delete subcommand deletes the specified filter.

name—A 1- to 6-character ASCII identifier defining the unique filter entry (FE) name you wish to delete.

filter {enable disable}

The filter {enable disable} subcommand enables or disables IP packet filtering. TCP/IP packet filtering is disabled by default and must be explicitly enabled.

filter flush

The filter flush subcommand deletes all TCP/IP packet filters.

filter move name [{before after} existing_name]

The filter move subcommand enables you to change the order of IP packet filters in the filter list. If no before after clause is specified, the filter entry is placed last in the filter list (lowest priority).

name—A 1 to 6 character ASCII identifier to reference a filter entry (FE) you wish to move. Each FE has a unique name. A list of FEs is recorded in order of priority, with the first position assigned the highest priority. Incoming and outgoing packets are checked against the entry in the highest priority position first.

219

Page 218 Page 220
Page 219
Image 219
Black Box LRS002A-R2, LRA005A-R2, LRA001A-R2 219, Iface-eth0, modem0-4, sync0 Inbound outbound, Allow deny nodial unreach
Page 218 Page 220
Top Page Image Contents