Perle Systems IOLINK-520 B.3

Programmable Filtering

IOLINK-PRO & 520 Reference Manual —

B.3

Security—“Filter if Source”

Filter if Source is a function that allows you to filter an Ethernet frame if the source address of the frame equals the

address that the Filter if Source function has been applied to.

Example:

Assume that a Personal Computer is located on segment 1 on the local bridge/router. This station is a community

station that various departments may use for general processing. However, this station may only access those services

that exist on its local segment, and it must be restricted from accessing any services on remote LANs. This can be

easily accomplished with a “Filter if Source.”

The Ethernet Address for this Personal Computer is: 01-02-03-04-05-06

Again, this address uniquely identifies this computer station.

To configure the bridge/router to ensure that this station is unable to access facilities on a remote LAN segment,

follow the instructions below:

1From the MAIN MENU of the console of the local bridge/router, enter a 1.

(Enter a “=“ from any menu to go back to the MAIN MENU.)

This will place you at the CONFIGURATION MENU, where access to the filtering menu is obtained.

2From the CONFIGURATION MENU, enter an 8.

This will place you at the FILTER SET-UP MENU, where access to the individual filtering menus is

obtained.

3From the FILTER SET-UP MENU, enter a 1.

This will place you at the MAC ADDRESS FILTERS MENU, where access to the MAC Address filters is

obtained.

4From the MAC ADDRESS FILTERS MENU, make sure that the Filter Operation is currently set to

“positive.”

This will cause the MAC Address Filters specified to be used for filtering frames with the specified MAC

addresses.

5From the MAC ADDRESS FILTERS MENU, enter a 1.

This will place you at the first EDIT MAC ADDRESS FILTER MENU screen.

At the prompt enter the MAC address for which you want to specify the filter.

6Enter the 12-digit Ethernet address of the Personal Computer system in the following format:

010203040506 (enter a Return)

The edit screen will fill in the information that the table knows about this address. For this example, let us

assume that it knows that the address status is [not present] and is of [unknown] location.

In this example, the bridge/router is not aware of this station as of yet. The station has probably not been

active for the bridge/router to “learn” any information about it.

Therefore, you will have to tell the bridge/router a little bit more about the station.

7Enter a 2 to enter the location of the station.