Filter
Top Products
For example, from the workstation command line enter:
tftp <OfficeConnect Remote 812 IP address> put <filter filename>
12 The router does not recognize a filter file stored in its FLASH memory until you add
it to the managed filter table. To notify the unit about the filter file for the first
time, you must issue the CLI command add filter <name> to add the filter to the
managed filter table. When the filter is added, the unit automatically verifies the
filter file syntax. If you modified a file that had already been added, use the delete
filter <name> command to remove the old file before TFTPing the new file. Then
use the add filter <name> command again.
13 If the syntax is valid, no message is generated and the command prompt returns. If
the syntax is not valid, error messages are generated detailing the source of the
errors.
14 Apply the filter to the appropriate interface or VC / remote site profile. After
replacing a file, you need to re-apply the filter for it the new filter file to take
effect.
For more details, refer to the next two sections. Assigning Filters discusses how to
decide where to apply a filter, and Applying Filters Using CLI explains the
appropriate CLI commands to use.
Assigning Filters Once an input filter or output filter has been added to a router’s list of managed
filters, you can assign that filter to the unit’s:
Interfaces
VC / Remote Site Profile
VPN tunnel
Interface Filters You can configure interface filters for any interface. Interface filters control access
to all networks available for both modem and non-modem interfaces.
You can specify whether a filter applies to packets entering the interface (input
filter) or leaving the interface (output filter). The router examines the filtering rules
to determine whether the interface accepts or rejects the packet.
Input Filters If an input filter is configured on an interface, all received packets are checked
against the filtering rules before being forwarded to another interface.
Output Filters If an output filter is configured on an interface, all outbound packets are checked
against the filtering rules before exiting the router.
Input Filters vs. Output
Filters
When possible, use the input filter to filter an incoming packet rather than waiting
to catch a packet as it attempts to exit the router. This is recommended because:
A packet is prevented from entering the router, keeping potential intruders
from attacking the unit itself.
The routing engine does not waste time processing a packet that is going to be
discarded anyway.