Adding Packet Filters

1.To create a new filter, type the following command:

add filter <filter name>

The filter name can be up to 15 characters long.

Optionally, you can add an extension beginning with a period to the end of a filter. For example, we recommend that you add .in to an input filter name (such as sales.in) and

.out to the corresponding output filter (such as sales.out).

RADIUS Note: Although the NETServer allows you to specify both an input and output filter for a network user, RADIUS authentication allows you to specify only one filter name (Framed-Filter-ID). To get around this limitation of RADIUS, NETServer derives both filter names from the single response it gets from RADIUS. To do this, it adds .in and .out extensions to the RADIUS filter name. For ex- ample if you have defined a RADIUS framed user with a Framed-Filter-ID of User_F, you must add the filters User_F.in and User_F.out to the NETServer. If filters with these names do not exist on the NETServer, no filter will be applied to the user.

2.Add the filter’s rules. Make sure you don’t specify the same rule # twice (if you do, you overwrite the earlier rule). See Filter Rule Format for instructions on creating individual rules.

Note: The NETServer evaluates the rules in order, so you should put the most frequently matched rules first.

3.When you are finished adding rules, use the following command to save the filter table.

save filters

8-4 Packet Filters

Page 118
Image 118
USRobotics NETServer/8, NETServer/16 manual Adding Packet Filters