Manualshelf

Product specifications

ManualsBrandsEfficient Networks ManualsComputer equipmentRouter family Command line interface
161162163164165166167168169170
Chapter 5: System Security Efficient Networks
®
Router family
Technical Reference Guide
Page 5-24 Efficient Networks
®
Receive Filters
The router next compares the packet to the list of receive filters for this interface.
Again, the first filter in the list that matches the packet determines whether the packet
is accepted, dropped, or rejected. If no filter matches the packet, the packet is
accepted.
Receive filters are applied before the packet destination is determined by the routing
table. The packet may be destined for the router itself and/or destined for output to
another interface.
NOTE:
If Network Address Translation is disabled, the Receive filter list is checked
immediately after the Input filter list. In this case, identical Input and Receive filters
have the same effect (see the examples at the end of the IP Filtering section.)
Transmit Filters
If the packet is destined for another interface, the router compares the packet to the
list of transmit filters for this interface. The first filter that matches the packet
determines whether the packet is accepted, dropped, or rejected. If no filter matches
the packet, the packet is accepted.
If the packet is accepted, Network Address Translation is performed, if Network
Address Translation (NAT) is enabled for the output interface.
Figure 5-3: IP Filtering Process
Input filters
Network Address Translation
Receive filters
Packet destined for another interface
Network Address Translation
Output filters
Packet arrives at interface
Packet destined for router acting as host
Transmit filters
Packet sent out interface