Alcatel Unleashed

The #1 Worldwide board for technical support on Alcatel-Lucent Voice & Data gear.
https://alcatelunleashed.com/

ip filter

https://alcatelunleashed.com/viewtopic.php?t=26188

Page 1 of 1

ip filter

Posted: 31 May 2016 13:46
by mike18
Hi Everyone,

I see below config in 7750

echo "Filter Configuration"
#--------------------------------------------------
filter
ip-filter 1 create
description "Wifi Management"
scope exclusive
entry 10 create
match
src-ip 10.56.120.0/24
exit
action forward
exit
entry 20 create
match
src-ip 10.70.56.38/32
exit
action forward
exit
entry 30 create
match
src-ip 10.24.16.149/32
exit
action forward
exit
exit
ip-filter 2 create
description "Ingress Wifi Management"
scope exclusive
entry 10 create
match
src-ip 192.168.150.20/32
exit
action forward
exit
entry 20 create
match
src-ip 192.168.150.21/32
exit
action forward
exit
exit
exit
exit

Does this mean that when any traffic comes from the below sources it will allow it or it will just allow echo traffic only?

Regards
Mike

Re: ip filter

Posted: 01 Jun 2016 03:42
by mivens
If you check the output of the commands "show ip filter 1" and "show ip filter 2" you should see that the default action is "drop".

This means that any traffic not matched by an entry will be dropped.

There is nothing in those filter entries that explicitly matches ICMP echo traffic. To match ICMP echo requests for example, you'd include something like:

/configure filter ip-filter 1 entry 1 match protocol "icmp" icmp-type "echo-request"

Check out the chapter on filter policies in the 7750 Router Configuration Guide, for example from page 378 onwards at https://infoproducts.alcatel-lucent.com ... 01_V1_7750

Re: ip filter

Posted: 03 Jun 2016 15:19
by mike18
Many thanks Mivens.

Regards
Mike
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited