Specifications

ManualsBrandsEnterasys ManualsComputer equipmentAPS-3000

431

432

433

434

435

436

437

438

439

440

20-8 policy Commands

20.5.5 acfilters

Usetheacfilterscommandtoenterthepolicy:<named‐policy>:acfilterscontextforthe

configuringofACfilters.ACfilterrulesareappliedatthecontroller.Theacfilterscommandis

accessiblefromwithinthethepolicy:<named‐policy>context.

Thefollowingcommandsareavailableinthepolicy:<named‐policy>:acfilterscontext.

• create

• config

• delete

• move

Syntax

acfilters

Parameters

None.

Usage

The“no‐change”filtersettingmustbedisabledusingthefilterdisablecommandfortheacfilters

commandtobevisibleintheCLI.

Examples

Thefollowingexampleentersthepolicy:<named‐policy>:acfilterscontextforthep1<named‐

policy>:

EWC.enterasys.com:policy:p1# acfilters

EWC.enterasys.com:policy:p1:acfilters#

20.5.5.1 create

Usethecreatecommandtocreate,insert,orappendanewfilterruleintoanACfilterlistfor a

<named‐policy>.Thecreatecommandisaccessiblefromwithinthepolicy :<named‐

policy>:acfilterscontext.

Ifadvancedfiltermodehasbeenenabledwiththeenable‐advance‐filteringcommand(page20‐3),

theAdvanced

modesyntaxispresented.Ifadvancedfiltermodeisnotenabled,theBasicmode

syntaxispresented.

Syntax

Basic mode syntax:

create <pos> proto <protocol> (<ipaddress/mask> | interface-subnet | interface-ip)

[(port <port> [<port>]) | (type <type> [<type>])] in (none|dst) out (none|src)

(allow | deny)

Notes: AC filtering is not available when the associated topology is configured for Bridge at AP. AC

filtering is available when the associated topology is set to either Bridge at AC or Routed.

The acfilter command has been replaced by acfilters. acfilter is deprecated.