EXP Computer S200 manual Mac Filtering Process Incoming and Outgoing Frames

Mac Filtering

Process

Incoming and Outgoing Frames

As shown in Figure 30, if a match is detected, the system applies the filtering action configured for that entry. The filtering action is to either PASS the frame or BLOCK the frame for all links or for a configured list of links. This filtering action overrides the action specified in the MAC Address Filter Action parameter.

If there is no match between the frame MAC Address and any entry in the MAC Address Filter Table, then filtering action on that frame is not controlled by the MAC Address Filter Table.

When the filtering action is not controlled by the MAC Address Filter Table, the action taken by the bridge is determined by the MAC Address Filter Action parameter in the Bridge Link Table; the action is to either PASS the frame or BLOCK it.

The MAC Address Filter Action parameter determines if the filter table is enabled on a bridge link. This same parameter is used to define the action taken (PASS or BLOCK) when no match is made in the MAC Address Filter Table.

For a detailed description of the MAC Address Filter parameters, refer to “Configuring the MAC Address Filter Table” section on page 66.”

The filtering action is applied to each link. The frames passing on a link can be either incoming or outgoing (see Figure 31). Incoming means that the frame is entering the bridge from elsewhere either from the LAN or WAN. Outgoing means the frame is leaving the bridge. Therefore, a given frame can be incoming on one link and outgoing on another link (provided it does not get blocked due to filtering). Filtering can be applied at each of those links.

For any link, the PASS or BLOCK attribute can be set for either the source address or the destination address. This method allows you to individually configure every combination of in/out and source/destination to either a pass or a block action for any link.