Supported filter policy types
Filter policies configurable in the NFM-P
Table 51-1: NFM-P filter policies
Filter policy type |
Purpose |
See |
---|---|---|
ACL Aggregate filter policy |
This policy provides a container for configured filter policies. The following can be assigned to an ACL Aggregate filter policy: |
|
ACL MAC filter policy |
This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of an access interface and service tunnel based on MAC matching criteria and the forwarding action. |
|
ACL IP filter policy |
This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of a network or access IP interface or service tunnel based on IPv4 matching criteria and the forwarding action. |
|
ACL IPv6 filter policy |
This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of an access interface or service tunnel based on IPv6 matching criteria and the forwarding action. |
|
ACL IP Exception filter policy |
This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of an access interface in an NGE or cellular domain based on protocol-specific matching criteria and source and destination information. |
|
ACL IPv6 Exception filter policy |
This policy is an ACL IP exception filter for IPv6: it defines the network traffic filtering criteria used to allow or deny network traffic into or out of an interface based on protocol-specific matching criteria and source and destination information. |
|
IP Prefix list filter policy |
This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of an access interface based on a defined list of IP Prefix list members. |
|
Port list filter policy |
This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of an access interface based on a defined list of port list members. |
|
DHCP filter policy |
This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of IES and VPRN group interfaces based on DHCP matching criteria. |
|
DHCPv6 filter policy |
This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of IES and VPRN group interfaces based on DHCPv6 matching criteria. |
|
Redirect filter policy |
This policy allows specifying multiple redirect target destinations and defining health check test methods used to validate the ability for a given destination to receive redirected traffic. |
|
Redirect policy binding |
Redirect policy bindings allow configuration of an association between destination addresses in Rredirect policies, so that results of Ping tests can be shared. |
|
ACL VLAN filter policy |
This policy defines the network traffic filtering criteria used to allow or deny network traffic on network ports of a ring card based on a defined VLAN range. |
|
System filter policy |
This policy allows operators to configure a filter chain for packet matching. In this chain, an active system filter policy rules are evaluated first. If no match occurs, then rules specified by any chained filter policies are evaluated. |
|
Embedded and embedding filter policies |
An embedded filter policy allows users to define a common set of filter policy rules that can then be nested in one or more other filter policies. The filters that support the embedded filter policies are referred to as embedding filter policies. |
To configure an embedding filter with embedded filter policies |
Syslog policy |
This policy defines the destination details for log messages such as the target address and target UDP port, when the ACL Filter Log policy specifies a Syslog destination for storing log information. |
|
ACL Filter Log policy |
This policy defines where log information for all actions performed on 7210 SAS, 7705 SAR, and 7x50 NEs that match ACL MAC, ACL IP, and ACL IPv6 filter entry criteria are written (memory or Syslog), how many log entries can be stored, and what action is performed when the log files meet the specified threshold. |
|
GRE tunnel template policy |
GRE tunnel template policies specify a set of GRE encapsulation parameters to use when the primary action for ACL IP and ACL IPv6 filter policies is set to Forward (GRE Tunnel). GRE Tunnel Templates are assigned to ACL IP filter policies and ACL IPv6 filter policies. |
|
Protocol List policy |
This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of an access interface based on a defined list of protocols. |