Filter
Top Products
SRB Configuration Examples
BC-162
Bridging and IBM Networking Configuration Guide
access-list 203 permit 0xE0E0 0x0101
access-list 203 deny 0x0000 0xFFFF
Note that it is not necessary to check for an LSAP of 0xAAAA when filtering SNAP-encapsulated
AppleTalk packets, because for source-route bridging, the use of type filters implies SNAP
encapsulation.
Creating Access Filters Example
In math, you have the following:
3 x 4 + 2 = 14 but 3 x (4 + 2) = 18
Similarly, the following access expressions would return TRUE if lsap(201) and dmac(701) returned
TRUE or if smac(702) returned TRUE:
lsap(201) & dmac(701) | smac(702)
However, the following access expression would return TRUE only if lsap(201) returned TRUE and
either of dmac(701) or smac(702) returned TRUE:
lsap(201) & (dmac(701) | smac(702))
Referring to the earlier example, “An Example Using NetBIOS Access Filters,” we had the phrase:
“Pass the frame if it is NetBIOS, or if it is an SNA frame destined to address 0110.2222.3333.”
This phrase was converted to the simpler form of:
Pass if “NetBIOS or (SNA and destined to 0110.2222.3333).”
So, for the following configuration:
! Access list 201 passes NetBIOS frames (command or response)
access-list 201 permit 0xF0F0 0x0001
!
access-list 202 permit 0x0404 0x0001 ! Permits SNA frames (command or response)
access-list 202 permit 0x0004 0x0001 ! Permits SNA Explorers with NULL DSAP
!
! Access list 701 will permit the FEP MAC address
! of 0110.2222.3333
access-list 701 permit 0110.2222.3333
The following access expression would result:
access-expression in lsap(201) | (lsap(202) & dmac(701))