Patton electronic 29XX Server User Manual


 
Modify Filter 164
Access Server Administrators’ Reference Guide 13 • Filter IP
Action (filterIpAction)
Specifies the action to take on a packet whether to block or pass the packet. The following options are available:
pass(0)—If pass is selected, checking will continue on to other filters until either a match occurs, a block
occurs, or there are no more filters remaining to check.
Note
If there are any applied PASS filters, then at least one of them must match or
the packet will be dropped.
block(1)—If a filter has block set and the filter matches the block, the packet is discarded and no further
processing is done.
wrap(2)—All packets received on the specified dialup link will be encapsulated in an extra IP header as
defined in RFC2003. The destination IP address of the wrapper is given by the destination IP setting in the
filter. The source IP address of the wrapper is the ethernet address of the remote access server.
All wrap filters are inbound only.
Note
Block filters take priority, therefore any applied and matching block filters
will drop the packet. Next, pass filters are examined, if PASS filters have been
defined, then at least one of them must match or else the packet will be
dropped. After the block and pass filters are examined, the WRAP filter, if it
exists, will be applied.
Source IP
Applies the filter action based on the results of the stated comparison to the IP address and subnet mask.
Comparison (filterIpSourceAddressCmp)
equal(0)—apply the action of the filter if the Source IP equals the IP address/subnet mask combination
supplied
notEqual(1)—apply the action of the filter if the Source IP does not equal the IP address/subnet mask com-
bination supplied
Address (filterIpSourceIp)
The IP address to which the filter will compare the source IP address.
Mask (filterIpSourceMask)
The subnet mask the filter will apply to the source IP address to make the comparison.
Note
These fields are ignored unless either the IP address or Mask have been
entered. Bit positions that are set to 1 will be compared and 0s will be
ignored. Thus, a setting of 0.0.0. will have the effect of disabling source IP
address comparison.