Support User Manuals

Enterasys Networks XSR CLI Router User Manual

Open as PDF

of 684

Firewall Interface Commands

16-130 Configuring Security

Example

ThefollowingexampledisablesthefirewallonFastEthernetport2only:

XSR(config-if<F2>)#ip firewall disable

ip firewall ip-broadcast

Thiscommandallowsincoming/outgoingIPpacketsthroughthefirewallwith255.255.255.255set

asthedestinationaddress.ItenablesbroadcastprotocolssuchasDHCPtotraversethefirewall.

Syntax

ip firewall ip-broadcast {in | out | both}

Syntax of the “no” Form

Thenoformofthiscommanddeniestheselectedbroadcastpackets:

no ip firewall ip-broadcast {in | out | both}

Default

IPbroadcastpacketsarenotallowedinboundandoutbound.

Mode

Interfaceconfiguration:XSR(config-if<xx>)#

Example

Theexamplebelowallowsbroadcastfilteringonoutgoingpacketsonly:

XSR(config-if<F2>)#ip firewall ip-broadcast out

ip firewall ip-multicast

Thiscommandallowsincoming/outgoingIPpacketswithamulticastdestinationaddressthrough

thefirewall.ItenablesmulticastprotocolssuchasRIPandOSPFtotraversethefirewall.

Syntax

ip firewall ip-multicast {in | out | both}

Syntax of the “no” Form

Thenoformofthiscommanddeniestheselectedmulticastpackets:

in or out

Allowspacketstoenterorexittheinterface.

both

Allowspacketstoenterandexittheinterface.

in or out

Allowspacketstoenterorexittheinterface.

both

Allowspacketstoenterandexittheinterface.

previous next