[Top] [Prev] [Next] [Bottom]
Chapter 16
Configuring and Monitoring
MAC Filtering
This chapter describes the MAC filtering configuration and monitoring commands. It includes the following sections:
Accessing the MAC Filtering Prompts
MAC Filtering Commands
MAC Filtering Update Commands
Accessing the MAC Filtering Prompts
To display the MAC filtering configuration prompt, at the Config> prompt enter feature followed by the feature number (2) or name (mcf). For example:
Config> feature mcf
MAC Filtering user configuration
Filter config>
To display the MAC filtering monitoring prompt, at the + prompt enter feature followed by the feature number (2) or name (mcf). For example:
+ feature mcf
MAC Filtering user console
Filter>
MAC Filtering Commands
This section describes the MAC filtering configuration and monitoring commands. Enter configuration commands at the Filter config> and enter monitoring commands at the Filter> prompt. Table 16-1 lists the MAC filtering commands.
? (Help) C M
Lists available commands or options.
Syntax: ?
Example: create ?
LIST
FILTER
Attach C
Adds a filter list to a filter. A filter is constructed by associating a group of filter lists with an interface number. A filter list is built from one or more filter items.
Syntax: attach filter-list-name filter-number
Example: attach
Enter a filter-list name []? atm_list
Enter a filter number [1]? 3
Clear M
Clears all the per filter statistics listed in the list filter command for all the filter objects and all the statistics listed for each filter list.
The command also clears the per filter statistics listed in the list filter command for the filter associated with the filter-number plus all the statistics listed for each filter list in this filter.
Syntax: clear
- all
- filter
all
Clears all statistics listed in the list filter command for each filter object and each filter-list.
Example: clear all
filter filter-number
Clears the per filter statistics listed in the list filter command for the filter associated with the filter-number plus all the statistics listed for each filter-list in this filter.
Example: clear filter 6
Create C
Creates a filter list or an input or output filter.
Syntax: create
- list
- filter
list filter-list-name
Creates a filter list. Name a list by a unique string (Filter-list-name) of up to 16 characters. This name is used to identify a filter-list that is being built. This name is also used with other commands associated with the filter-list.
Example: create list newyork
filter input/output interface-number
Creates a filter and places it on the network associated with the input or output direction on the interface given by an interface number. By default this filter is created with no attached filter-lists and has a default action of include and enabled.
Example: create filter input 2
Default C
Sets the default action for the filter with a specified filter-number to exclude, include, or tag.
Syntax: default
- exclude
- include
- tag
exclude filter-number
Sets the default action for the filter with a specified filter-number to exclude.
Example: default exclude 3
include filter-number
Sets the default action for the filter with a specified filter-number to include.
Example: default include 3
tag tag-number filter-number
Sets the default action for the filter with the specified filter-number to tag and sets the associated tag value to tag-number.
Example: default tag 3 15
Delete C
Removes all information associated with a filter-list and frees an assigned string as a name for a new filter-list. If filter-list is attached to a filter that has already been created, then this command displays an error message without deleting anything. In addition all filter-items belonging to this list are also deleted.
This command also deletes a filter created using the create filter command.
Syntax: delete
- list
- filter
list filter-list
Removes all information associated with a filter-list and frees an assigned string as a name for a new filter-list. The filter-list must be a string entered by a previous create list command.
If the filter-list is attached to a filter that has already been created, then this command displays an error messageen without deleting anything. All filter-items belonging to this list are also deleted when this command is used.
Example: delete list newyork
filter filter-number
Deletes a filter created using the create filter command.
Example: delete 3
Detach C
Deletes a filter-list name (filter-list parameter) from a filter (filter-number parameter).
Syntax: detach list
Example: detach list newyork
Disable C M
Disables MAC filtering entirely or disables a particular filter.
Syntax: disable
- all
- filter
all
Disables MAC filtering entirely. Filters are still set as enabled, however, if they were enabled previously.
Example: disable all
filter filter-number
Disables a particular filter. The filter number parameter corresponds to the numbers displayed with list filters command.
Example: disable filter
Enter a filter number [1]? 3
Enable C M
Enables MAC filtering entirely or enables a particular filter.
Syntax: enable
- all
- filter
all
Enables MAC filtering entirely although filters themselves may still set to disabled.
Example: enable all
filter filter-number
Enables a particular filter. The filter number parameter corresponds to the numbers displayed with list filters.
Example: enable filter
Enter a filter number [1]? 3
Exit C M
Use the exit command to return to the Config> prompt or + prompt.
Syntax: exit
Example: exit
List C M
Lists all the filter lists and filters that you have configured. A list of all the filter lists attached to a filter is not given. Other information displayed includes:
In addition, the following information is displayed for each filter:
This command also generates a list of attached filter-lists for this filter and all subsequent information for the filter.
Syntax: list
- all
- filter
Example: list all
Filtering: enabled
Filter List Action
----------- ------
test INCLUDE
Filters
-------
Id Default State Ifc Dir Cache
-- ------- ----- --- --- ------
1 INCLUDE DISABLE 0 OUTPUT 16
filter filter-number
Generates a list of attached filter-lists for the specified filter and all subsequent information for the filter.
Example: list filter
Enter a filter number [1]?
Id Default State Ifc Dir Cache
-- ------- ----- --- --- ------
1 INCLUDE DISABLE 0 OUTPUT 16
Filter List Action
----------- ------
test INCLUDE
Move C
Use the move command to re-order the filter-lists attached to a specified filter (given by the filter-number parameter). The list given by Filter-list-name1 is moved immediately before the list given by Filter-list-name2.
Syntax: move filter-list-name1 filter-list-name2 filter-number
Example: move newyork boston 13
Reinit C M
Reinitializes the entire MAC filtering system from an existing configuration without affecting the rest of the router.
Syntax: reinit
Example: reinit
Set-Cache C
Changes the cache size to a number between 4 and 32768. The default is 16.
Syntax: set-cache filter-number cache-size
Example: set-cache
Enter a filter number [1]?
Enter the new cache size [16]?
Update C
Use the update command to add information to or delete information from a specific filter-list. Using this command with the desired filter-list-name brings you to the Filter filter-list-name Config> prompt for that filter list. From this new prompt you can change information in the list.
The order in which the filter-items are specified for a filter-list is important as it determines the order in which the filter-items are applied to a packet.
Syntax: update filter-list-name
Example: update newyork
MAC Filtering Update Commands
Table 16-2 lists the MAC filtering update commands. Enter these commands at the filter filter-list-name config> prompt.
? (Help) C
Lists available commands or options.
Syntax: ?
Example: ?
Add C
Adds filter-items to a filter-list. This command specifically lets you add a hexadecimal number to compare against the source or destination MAC address.
The order in which you add filter-items to a filter-list is important as it determines the order in which the filter-items are applied to a packet.
Each use of the add subcommand creates a filter-item within the filter-list. The first filter-item is assigned filter-item-number 1, the next one is assigned number 2, and so forth. After an add, the router displays the number of the filter-item just added.
The first match that occurs stops the application of filter-items, and the filter-list evaluates to either include, exclude or tag, depending on the designated action of the filter-list. If none of the filter-items of a filter-list produce a match, then the default action (include, exclude or tag) of the filter is returned.
Syntax: add
- source
- destination
source hex-MAC-addr hex-Mask
Adds a hexadecimal number (with no 0x in front, a maximum of 16 numbers, and an even number of hex numbers) to compare against the source MAC address.
The hex-mask parameter must be the same length as hex-MAC-address and is logically ANDed with the designated MAC address in the packet. The default hex-mask argument is all binary 1's.
You can enter the hex-MAC-addr in canonical or non-canonical bit order. Canonical bit order is just a hex number (for example, 000003001234) or a series of hex digits with a dash between every two digits (for example, 00-00-03-00-12-34).
Non-canonical bit order is a series of hex digits with a colon between every two digits (for example, 00:00:C9:09:66:49). MAC addresses of filter-items are always displayed using either dash or colon to distinguish canonical from non-canonical representations.
Example: add source
Enter MAC Address []? 00-00-03-00-12-34
Enter MAC Mask [ffffffffffff]?
destination hex-MAC-addr hex-Mask
Acts exactly like add source, except that the match is made against the destination rather than source MAC address of the packet.
Example: add destination
Enter MAC Address []? 00-00-03-00-12-34
Enter MAC Mask [ffffffffffff]?
Delete C
Removes filter-items from a filter-list. You delete filter items by specifying the filter-item-number assigned to the item when it was added.
When you delete a filter item, any gap created in the number sequence is filled in. For example, if filter-items 1, 2, 3, and 4 exist and you delete filter-item 3, then filter-item 4 is renumbered to 3.
Syntax: delete filter-item-number
Example: delete 3
Exit C
Use the exit command to return to the previous prompt.
Syntax: exit
Example: exit
List C
Lists all the filter-item records represented in canonical and non-canonical form. It displays the following information about each filter item:
Syntax: list
- canonical
- noncanonical
canonical
Lists all the filter-item records in a filter-list, giving the item numbers, the address type (SRC, DST), the MAC address in canonical form, and the address mask in canonical form. In addition gives the filter-list action.
Example: list canonical
non-canonical
Lists all the filter-item records in a filter-list, giving the item numbers, the address type (SRC, DST), the MAC address in non-canonical form and the address mask in non-canonical form. In addition gives the filter-list action.
Example: list non-canonical
Move C
Re-orders filter-items within the filter-list. The filter-item whose number is specified by filter-item-name1 is moved and renumbered to be just before filter-item-name2.
Syntax: move filter-item-name1 filter-item-name2
Example: move 2 4
Set-Action C
Lets you set a filter-list to either include, exclude or tag (with a tag-number option). If one of the filter-items of the filter-list matches the contents of the packet being considered for filtering, the filter-list evaluates to this condition. The default is include.
Syntax: set-action INCLUDE or EXCLUDE or TAG tag-number
Example: set-action exclude
[Top] [Prev] [Next] [Bottom]
docs@openroute.com
Copyright © 1997, OpenROUTE Networks, Inc. All rights
reserved. OpenROUTE 2.1