There are several ways to modify an existing filter policy. A filter policy can be modified dynamically as part of subscriber management dynamic insertion or removal of filter policy entries (see the 7450 ESS, 7750 SR, and VSR Triple Play Service Delivery Architecture Guide for details). A filter policy can be modified indirectly by configuration change to a match list the filter policy uses (as described earlier in this guide). In addition, a filter policy can be directly edited as described below.
To access a specific IP (v4/v6), or MAC filter, you must specify the filter ID, or if defined, filter name. Use the no form of the command to remove the command parameters or return the parameter to the default setting.
- config>filter>ip-filter# description "New IP filter info"
- config>filter>ip-filter# entry 2 create
- config>filter>ip-filter>entry$ description "new entry"
- config>filter>ip-filter>entry# action drop
- config>filter>ip-filter>entry# match dst-ip 10.10.10.104/32
- config>filter>ip-filter>entry# exit
- config>filter>ip-filter#The following output displays the modified IP filter output:
A:ALA-7>config>filter# info
----------------------------------------------
...
ip-filter 11 create
description "New IP filter info"
scope exclusive
entry 1 create
match
dst-ip 10.10.10.91/24
src-ip 10.10.10.106/24
exit
action drop
exit
entry 2 create
description "new entry"
match
dst-ip 10.10.10.104/32
exit
action drop
exit
entry 10 create
match
dst-ip 10.10.10.91/24
src-ip 10.10.0.100/24
exit
action drop
exit
entry 15 create
description "no-91"
match
dst-ip 10.10.10.91/24
src-ip 10.10.10.103/24
exit
action forward
exit
entry 30 create
match
dst-ip 10.10.10.91/24
src-ip 10.10.0.200/24
exit
action forward
exit
exit
..
----------------------------------------------
A:ALA-7>config>filter#