hi
i am tiring to to permit traffic to 2 IP address and deny all the rest
but after i am putting docsDevFilterIp (.7) its not working
thanks
Sharon
SnmpMibObject docsDevFilterIpStatus.2 Integer 4; /* createAndGo */
SnmpMibObject docsDevFilterIpControl.2 Integer 2; /* accept */
SnmpMibObject docsDevFilterIpIfIndex.2 Integer 1 ;
SnmpMibObject docsDevFilterIpDirection.2 Integer 3; /* both */
SnmpMibObject docsDevFilterIpDaddr.2 IPAddress 23.44.251.16 ;
SnmpMibObject docsDevFilterIpDmask.2 IPAddress 255.255.255.255 ;
SnmpMibObject docsDevFilterIpStatus.5 Integer 4; /* createAndGo */
SnmpMibObject docsDevFilterIpControl.5 Integer 2; /* accept */
SnmpMibObject docsDevFilterIpIfIndex.5 Integer 1 ;
SnmpMibObject docsDevFilterIpDirection.5 Integer 3; /* both */
SnmpMibObject docsDevFilterIpDaddr.5 IPAddress 8.8.8.8 ;
SnmpMibObject docsDevFilterIpDmask.5 IPAddress 255.255.255.255 ;
SnmpMibObject docsDevFilterIpStatus.7 Integer 4; /* createAndGo */
SnmpMibObject docsDevFilterIpControl.7 Integer 1; /* discard */
SnmpMibObject docsDevFilterIpIfIndex.7 Integer 1 ;
SnmpMibObject docsDevFilterIpDirection.7 Integer 3; /* both */
SnmpMibObject docsDevFilterIpDaddr.7 IPAddress 0.0.0.0 ;
SnmpMibObject docsDevFilterIpDmask.7 IPAddress 0.0.0.0 ;
1/ Rather than adding rule 7, you can control the default action (traffic didnt match any of your rules) like this :
SnmpMibObject docsDevFilterIpDefault.0 Integer 1; /* discard */
2/ Your rules 2 and 5 are filtering in "both" directions, however you are matching on daddr / dmask. So that will work for eg outbound to 8.8.8.8, but not inbound from 8.8.8.8.
If you are trying to restrict access to allow only allow these 23.44.251.16 and 8.8.8.8 IPs, you probably need 4 x rules not 2, to match both the inbound and outbound traffic.