Traffic/Security Filters (ProCurve Series
Overview
from receiving traffic from workstation "X", you would configure a filter to drop traffic from port 5 to port 7. The resulting filter would drop traffic from port 5 to port 7, but would forward all other traffic from any source port to any destination port (refer to figures
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Port 7 |
| Server "A" |
|
|
|
|
|
|
|
|
|
| ||
Workstation " X" |
|
|
|
| Port 5 |
| Port 8 |
|
| ||
|
|
|
|
|
|
|
|
| Server "B" | ||
|
|
|
|
|
|
|
|
| Port 9 |
|
|
|
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
|
|
| Server "C" | |
|
|
|
|
|
|
|
|
|
| ||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This list shows the filter created to block (drop) traffic from source port 5 (workstation "X") to destination port 7 (server "A"). Notice that the filter allows traffic to move from source port 5 to all other destination ports.
FigureApplying a Source Port Filter in a Multinetted VLAN. If you have multiple IP addresses configured on the same VLAN (multinetting), and routing is enabled on the switch, then a single port or trunk can be both the source and destination of packets moving between subnets in that same VLAN. In this case, you can prevent the traffic of one subnet from being routed to another subnet on the same port by configuring the port or trunk as both the source and destination for traffic to drop.