Cisco Systems BC-109 manual Configure NetBIOS Access Filters Using a Byte Offset

Secure the SRB Network

The NetBIOS station access list contains the station name to match, along with a permit or deny condition. You must assign the name of the access list to a station or set of stations on the network.

To assign a station access list name, use the following command in global configuration mode:

When filtering by station name, you can choose to filter either incoming or outgoing messages on the interface. To specify the direction, use one of the following commands in interface configuration mode:

Configure NetBIOS Access Filters Using a Byte Offset

To configure access filters you must do the following:

Step 1 Assign a byte offset access list name.

Step 2 Specify the direction of the message to be filtered on the interface.

Keep the following notes in mind while configuring access filters using a byte offset:

•When an access list entry has an offset plus the length of the pattern that is larger than the packet’s length, the entry will not make a match for that packet.

•Because these access lists allow arbitrary byte offsets into packets, these access filters can have a significant impact on the amount of packets per second transiting across the bridge. They should be used only when situations absolutely dictate their use.

The NetBIOS byte offset access list contains a series of offsets and hexadecimal patterns with which to match byte offsets in NetBIOS packets. To assign a byte offset access list name, use the following command in global configuration mode:

Note Using NetBIOS Byte Offset access filters disables the autonomous or fast switching of source-route bridging frames.

When filtering by byte offset, you can filter either incoming or outgoing messages on the interface. To specify the direction, use one of the following commands in interface configuration mode: