From: Nigel Taylor (nigel_taylor@xxxxxxxxxxx)
Date: Sat Apr 14 2001 - 13:20:07 GMT-3
Max,
See inline
Nigel..
----- Original Message -----
From: max aronica <max_aronica@hotmail.com>
To: <ccielab@groupstudy.com>
Sent: Saturday, April 14, 2001 9:48 AM
Subject: netbios filters, how to trace sources ?
> Can anybody advise any known method to have the total filtering capability
> by netbios-name on ethernet side in a DLSW scenario ?
>
> Understand that I can place a netbios access-list at the remote peer
> definition
> (dlsw remote-peer 0 tcp 1.1.1.1 host-netbios-out test1) but this will
filter
> the
> destination names, not the source.
>
> The "netbios input-access-filter" and "output-access-filter" are not
> accepted under
> ethernet interfaces, only token.
>
> So, what if I want to accept netbios from station A but not from station
B
> (same vlan) ? Of course we don't know their MAC address.
NT: The way I see this working is you won't ever have two machines on the
same
network with the same name, which would would mean using the following
command;
Token ring 1 = StationA and StationB
netbios access-list
netbios access-list host test1 permit Sta??A <-- any of these would work
netbios access-list host test1 permit *A <-- any of these would
work
This would permit StationA and deny any access to StaionB..
No need to re-invent the wheel..
>
> For any other bridging filter (MAC, LSAP) there is the way to filter by
> source and/or
> destination, but not here it seems.
> Any idea ?
>
> Thanks, Max
>
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:45 GMT-3