Assigning Filters 4-5
will define in the future. Also, use the # sign to add comments or what you expect
the filter to do for future reference.
4 Enter the rules you are defining. Observe the following guidelines.
■ Begin each rule with a unique line number ranging from 1 - 998.
■ Arrange rules in increasing line number order within each protocol section.
■ Arrange rules so that the rules you expect to be matched most frequently are
toward the top of the list
■ Delimit each rule with a semi-colon. Example:
BR-ETH 1 ACCEPT src-addr = 00-20-69-00-00-01;
2 ACCEPT src-addr = 00-20-69-00-00-02;
999 DENY;
5 Inspect the file to ensure that it meets all filtering rules.
6 This step is important since you cannot edit the filter file from within the CLI. To
edit the file, you must modify it using a text editor, TFTP the modified file into the
FLASH (replacing the original file) and verify the filter using the verify filter
command.
7 Save the filter file using a .flt extension. The filter file extension will allow you to
differentiate the filter file from other files stored in the bridge FLASH memory.
8 You can use the list files command to ensure the filter file was successfully stored
in the bridge FLASH memory.
9 Configure a PC as a Trivial File Transfer Protocol (TFTP) client of the bridge by
entering add TFTP client <IP address>.
10 From a machine that has access to the same network as the bridge, use a TFTP
command to transfer the filter file to the bridge FLASH memory. For example,
from the workstation command line enter tftp <3Com HomeConnect ADSL
Modem Ethernet IP address> put <filter filename>
11 The bridge does not recognize a filter file stored in its FLASH memory until you
add it to the managed filter table. To notify the unit about the filter file for the first
time, you must issue the CLI command add filter <name> to add the filter to the
managed filter table. When the filter is added, the unit automatically verifies the
filter file syntax. If you modified a file that had already been added, use the delete
filter <name> command to remove the old file before TFTPing the new file. Then
use the add filter <name> command again or TFTP the new file over the old one
and use the verify filter <name> command.
12 If the syntax is valid, no message is generated and the command prompt returns. If
the syntax is not valid, error messages are generated detailing the source of the
errors.
13 Apply the filter to the appropriate interface or port profile. After replacing a file,
you need to re-apply the filter for the new filter file to take effect.
For more details, refer to the next two sections. Assigning Filters discusses how
to decide where to apply a filter, and Applying Filters explains the appropriate
CLI commands to use.
Assigning Filters Once a filter has been added to bridge’s list of managed filters, you can assign it to
the unit’s: