ASYNC ROUTER AR-P, AR-5, AND SYNC ROUTER USER’S MANUAL

NOTE

If a dialup connection has already been established between offices, the filter does not prevent the packets from transitioning the link. The filter only prevents packets from causing the Router to initiate the connection by dialing out.

Long IP filter example

These filters can be entered from the Router command prompt. Do not use the IP addresses below. They are for EXAMPLE ONLY! Comments are preceded by “#”. The filters are executed in order, and the overall filtering depends upon the interplay of all of the filters.

#These filters will allow your network users to ping to hosts in the outside world.

filter add f0 -s 199.98.122.1/32 -p 1 -t allow filter add f00 -d 199.98.122.1/32 -p 1 -t allow filter add f1 -s 199.98.122.3/32 -p 1 -t allow filter add f2 -d 199.98.122.3/32 -p 1 -t allow

#These filters will allow FTP activities to and from the host with IP address 199.98.122.3.

filter add f3 -s 199.98.122.3/32 -d any 20 -p 6 -t allow filter add f4 -s any 20 -d 199.98.122.3/32 -p 6 -t allow filter add f5 -s 199.98.122.3/32 20 -p 6 -t allow filter add f6 -d 199.98.122.3/32 20 -p 6 -t allow filter add f7 -s 199.98.122.3/32 -d any 21 -p 6 -t allow filter add f8 -s any 21 -d 199.98.122.3/32 -p 6 -t allow filter add f9 -s 199.98.122.3/32 -p 6 -t allow

filter add f10 -d 199.98.122.3/32 21 -p 6 -t allow

#These filters will block telnet activities originating from the outside world, but will allow your network users to telnet to the outside world.

filter add f11 -d any 23 -p 6 -t deny -i modem0 -f inbound filter add f12 -s 199.98.122.3/32 -d any 23 -p 6 -t allow filter add f13 -s any 23 -d 199.98.122.3/32 -p 6 -t allow

#These filters will allow mail to and from the host 199.98.122.3.

filter add f14 -s 199.98.122.3/32 -d any 25 -p 6 -t allow filter add f15 -s any 25 -d 199.98.122.3/32 -p 6 -t allow filter add f16 -s 199.98.122.3/32 25 -p 6 -t allow filter add f17 -d 199.98.122.3/32 25 -p 6 -t allow

#These filters will allow udp and tcp transfers.

filter add f18 -s 199.98.122.3/32 -d any 53 -p 6 -t allow filter add f19 -s any 53 -d 199.98.122.3/32 -p 6 -t allow filter add f20 -s 199.98.122.3/32 53 -p 6 -t allow filter add f21 -d 199.98.122.3/32 53 -p 6 -t allow filter add f22 -s 199.98.122.3/32 -d any 53 -p 17 -t allow filter add f23 -s any 53 -d 199.98.122.3/32 -p 17 -t allow

80

Page 79 Page 81
Page 80
Image 80
Black Box LRA001A-R2, LRS002A-R2, LRA005A-R2 Long IP filter example, #These filters will allow mail to and from the host
Page 79 Page 81
Top Page Image Contents