HP (Hewlett-Packard) 2800 Series Switch User Manual


 
10-3
Traffic/Security Filters (ProCurve Series 2600/2600-PWR and 2800 Switches)
Overview
from receiving traffic from workstation "X", you would configure a filter to
drop traffic from port 5 to port 7. The resulting filter would drop traffic from
port 5 to port 7, but would forward all other traffic from any source port to
any destination port (refer to figures 10-1 and 10-2).
Figure 10-1. Example of a Filter Blocking Traffic only from Port 5 to Server "A"
Figure 10-2. The Filter for the Actions Shown in Figure 10-1
Applying a Source Port Filter in a Multinetted VLAN. If you have mul-
tiple IP addresses configured on the same VLAN (multinetting), and routing
is enabled on the switch, then a single port or trunk can be both the source
and destination of packets moving between subnets in that same VLAN. In this
case, you can prevent the traffic of one subnet from being routed to another
subnet on the same port by configuring the port or trunk as both the source
and destination for traffic to drop.
Server "A"
Port 7
Port 8
Server "B"
Port 9
Server "C"
Port 5
Workstation " X"
This list shows the filter created
to block (drop) traffic from
source port 5 (workstation "X") to
destination port 7 (server "A").
Notice that the filter allows
traffic to move from source port
5 to all other destination ports.