Filter Example

Creating/Removing Traffic Filters:

The Figure below describes the network for the example:



Traffic filters are useful to select and filter any particular flow of traffic. Following example shows how to do it.

Deny any packet that has source IP address of 205.226.24.45 and destination IP address of 205.226.24.54 that arrives on the Controller 1 on any interface.

  1. Initiate a clearVISN IP Switch Manager session to the Controller 1.
  2. Click .
  3. Click the Quality of Service link in the Policy Configuration section.
  4. Click .
  5. Enter the policy name in the Policy Name edit box: test1.
  6. Click .
  7. Click .
  8. Enter the new rule name in the New Rule Name edit box: rule01.
  9. Enter in the Source/MaskLen edit box: 205.226.24.45/32.
  10. Enter in the Dest/MaskLen edit box: 205.226.24.54/32.
  11. Click the check boxes for Inbound and Outbound.
  12. Click the deny entry in the Actions for this rule drop-down list.
  13. Click .
  14. Click .
  15. Click test1 in the Current QoS Policies drop-down list.
  16. Click .
  17. Click .
  18. Click .
  19. Now try to ftp or telnet from 205.226.24.45 to 205.226.24.54; This should not work.

Deny any packet that has source IP address of 205.226.24.45 and destination IP address of 205.226.24.54 and is destined for telnet port(23) that arrives on the Controller 1 on any interface.

  1. Initiate a clearVISN IP Switch Manager session to the Controller 1.
  2. Click .
  3. Click the Quality of Service link in the Policy Configuration section.
  4. Click .
  5. Enter the policy name in the Policy Name edit box: test2.
  6. Click .
  7. Click .
  8. Enter the new rule name in the New Rule Name edit box: rule01.
  9. Enter in the Source/MaskLen edit box: 205.226.24.45/32.
  10. Enter in the Dest/MaskLen edit box: 205.226.24.54/32.
  11. Click the check boxes for Inbound and Outbound.
  12. Enter in the Dport/Mask edit box: telnet or 23.
  13. Click the deny entry in the Actions for this rule drop-down list.
  14. Click .
  15. Click .
  16. Click test2 in the Current QoS Policies drop-down list.
  17. Click .
  18. Click .
  19. Click .
  20. Now try to telnet from 205.226.24.45 to 205.226.24.54; This should not work.

    Try ftp from 205.226.24.45 to 205.226.24.54; This should work.

Copyright © 1997 Ipsilon Networks, Inc.
Portions copyright © Digital Equipment Corporation 1998. All rights reserved.
Updated January 8, 1998
Send comments to Digital Equipment Corporation, doc-quality@lkg.mts.dec.com