| Description | This table contains ordered lists of filters for
all the IP protocol filter profiles. Device traffic
filtering system applies filters of a filter profile
according to the filter order position. IP packets
matching any filter will be processed according to
the matching action specified by the filter or they
will be discarded if they do not match any filters.
Any IP packet through an interface can theoretically
match multiple filters or rows of this table of the
same filter profile. When applying a filter to a
packet, the cippfIfIpProfileTable is used to first
identify the filter profile to use, then this table
is scanned according to filter profile name and
filter order position. If the packet matches all
criteria for that row, the action defined in the
cippfIpFilterAction object of the row will be taken.
If the action for the matching filter is deny(1),
the packet is discarded and the processing is
completed. If the action for the matching filter is
permit(2), the packet is accepted and permitted to
be processed by the bridging or routing logic. If
the packet matches no filter in this table, the
packet is always deny(1) and will be dropped.
To create a filter, the cippfIpProfileName must
already exists in the cippfIpProfileTable. No filter
can be created without an existing filter in the
cippfIpProfileTable. If the filter profile is
deleted from the cippfIpProfileTable, all the
associated filters in this table will also be
deleted. |