Configuring a multicast or protocol traffic filter
Syntax:
filter
no filter
[multicast <mac-address>]
Specifies a multicast address. Inbound traffic received (on any port) with this multicast address will be filtered. (Default: Forward on all ports.)
The
no
form of the command deletes the multicast filter for the <mac-address> multicast address and returns the destination ports for that filter to theForward
action.[<forward|drop> <port-list>]
Specifies whether the designated destination port(s) should forward or drop the filtered traffic.
[protocol <ip|ipx|arp|appletalk|sna|netbeui>]
Specifies a protocol type. Traffic received (on any port) with this protocol type will be filtered. (Default: Forward on all ports.)
The
no
form of the command deletes the protocol filter for the specified protocol and returns the destination ports for that filter to theForward
action.[<forward|drop> <port-list>]
Specifies whether the designated destination port(s) should forward or drop the filtered traffic.
Example:
Filter type |
Filter value |
Action |
Destination ports |
---|---|---|---|
source-port |
Inbound ports: 1, 2 |
Drop |
1-4 |
multicast |
010000-123456 |
Drop |
5-8, 9-12 |
multicast |
010000-224466 |
Drop |
13-15 |
protocol |
Appletalk |
Drop |
16-19, 1 |
protocol |
ARP |
Drop |
22, 23-24 |
The following commands configure the filters listed above:
Configuring various traffic/security filters
switch(config)# filter source-port 1 drop e 1-4 switch(config)# filter source-port 2 drop 1-4 switch(config)# filter multicast 010000-123456 drop e 5-8,9-12 switch(config)# filter multicast 010000-224466 drop e 13-15 switch(config)# filter protocol appletalk drop e 16-19,1 switch(config)# filter protocol arp drop e 22,23-24