User manual
8-12 Packet Filter
s
3.
Enter the protocol rules for the protocol section you are
defining. Observe the following guidelines
• Begin each rule with a unique line number (1-999)
• Arrange rules in increasing order within each protocol
section
• Arrange rules so that the rules you expect to be matched
most frequently are toward the top of the list
• Delimit each rule with a semi-colon
For example:
IP:
010 ACCEPT src-addr = 128.100.33.1;
020 ACCEPT dst-addr = 200.135.38.9;
4.
Continue to define protocol rules for each protocol section
you want to filter.
5.
Visually inspect the file to ensure that it meets the
requirements described in this chapter.
Note: This step is important, since you cannot edit the filter file
from within the NETServer CLI. To make any changes, you
must modify the original file using a text editor, and TFTP the
modified file again to the NETServer, replacing the original file.
6.
Save the filter file using a .fil extension. The filter file
extension will allow you to differentiate the filter file from
other files stored in the NETServer FLASH memory.
7.
Configure a PC as a Trivial File Transfer Protocol (TFTP)
client of the NETServer by entering the following command:
add TFTP client
<hostname or IP address>
8.
From a machine that has access to the same network as the
NETServer, use the following TFTP commands to transfer
the filter file to the NETServer FLASH memory.
tftp
<NETServer IP address>
put
<filter filename>