Traffic/Security Filters and Monitors
Filter Types and Operation
Viewing a Named Source-Port Filter
You can list all source-port filters configured in the switch, both named and
unnamed, and their action using the show command below.
Syntax: show filter source-port
Displays a listing of configured source-port filters, where
each filter entry includes a Filter Name, Port List, and
Action:
Filter Name: The filter-name used when a named
source-port filter is defined. Non-named source-port
filters are automatically assigned the port or port trunk
number of the source port.
Port List: Lists the port and port trunk destinations
using the filter. Named source-port filters that are not in
use display NOT USED.
Action: Lists the ports and port trunks dropped by the
filter. If a named source-port filter has been defined but
not configured, this field is blank.
[ index ]
For the supplied index (IDX) displays the action taken
(Drop or Forward) for each destination port on the switch.
Using Named Source-Port Filters
A company wants to manage traffic to the Internet and its accounting server
on a 26-port switch. Their network is pictured in Figure 11-4. Switch port 1
connects to a router that provides connectivity to a WAN and the Internet.
Switch port 7 connects to the accounting server. Two workstations in
accounting are connected to switch ports 10 and 11.
Port 7
Port 1
Router to the
Internet
Port 10
Accounting Workstation 1
Port 11
Accounting Workstation 2
Network Design
1. Accounting Workstations may only send traffic to the Accounting Server.
2. No Internet traffic may be sent to the Accounting Server or Workstations.
3 All other switch ports may only send traffic to Port 1.
Accounting Server 1
Figure 11-4. Network Configuration for Named Source-Port Filters Example
11-9
