Filtering on source IP address and destination protocol
The following example shows how to define a firewall rule that filters on source IP address and destination protocol. This rule allows TCP packets originating from address 10.10.30.46 (that is, R5), and destined for the Telnet port of R1. The instance is applied to local packets (that is, packets destined for this router, R1) through the dp0p1p2 interface.
To create an instance that filters on source IP address and destination protocol, perform the following steps in configuration mode.
Step | Command |
---|---|
Create the configuration node for the FWTEST-3 firewall instance and its rule 1. This rule accepts traffic matching the specified criteria. | |
Define a rule that filters traffic on the 10.10.30.46 source IP address. | |
Define a rule that filters TCP traffic. | |
Define a rule that filters traffic destined for the Telnet service. | |
Apply FWTEST-3 to packets bound for this router arriving on dp0p1p2. | |
Commit the configuration. | |
Show the configuration. | |
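The match logic of rule 1, as an added example that is not part of the original page or the vendor's code: a small Python model of FWTEST-3 evaluated against constructed packets, showing that source address, protocol and destination port must all match. It assumes that a packet matching no rule is dropped; the class and function names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass

# Constructed service-name table; only the name used on the page is needed.
SERVICE_PORTS = {"telnet": 23}

@dataclass(frozen=True)
class Packet:
    src: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:
    number: int
    action: str
    source: str      # host address or CIDR prefix
    protocol: str
    dest_port: str   # service name or port number

    def matches(self, pkt: Packet) -> bool:
        # Every criterion must hold; failing any one means no match.
        net = ipaddress.ip_network(self.source, strict=False)
        port = SERVICE_PORTS.get(self.dest_port) or int(self.dest_port)
        return (ipaddress.ip_address(pkt.src) in net
                and pkt.proto.lower() == self.protocol
                and pkt.dport == port)

def evaluate(rules, pkt, default_action="drop"):
    """Lowest-numbered matching rule decides; otherwise the default applies.
    The default of "drop" is an assumption of this example."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.matches(pkt):
            return rule.action
    return default_action

# Rule 1 of FWTEST-3 as the page describes it.
FWTEST_3 = [Rule(1, "accept", "10.10.30.46", "tcp", "telnet")]

# Constructed packets addressed to R1 and arriving on dp0p1p2.
SAMPLES = {
    "telnet from R5": Packet("10.10.30.46", "tcp", 23),
    "ssh from R5": Packet("10.10.30.46", "tcp", 22),
    "udp/23 from R5": Packet("10.10.30.46", "udp", 23),
    "telnet from other host": Packet("10.10.30.47", "tcp", 23),
}

def verdicts():
    return {name: evaluate(FWTEST_3, p) for name, p in SAMPLES.items()}
```

Only the first sample is accepted; changing any one of the three fields sends the packet to the default action.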