portfilter

Syntax

portfilter <INTERFACE-LIST>

no portfilter [<INTERFACE-LIST>]

Description

Configures the specified ports so they do not egress any packets that were received on the source port specified in interface context.

The no form of this command removes the port filter setting from one or more ingress ports/LAGs.

Command context

config-if

config-lag-if

Parameters

<INTERFACE-LIST>
Specifies a list of ports/LAGs to be blocked for egressing. Specify a single interface or LAG, or a range as a comma-separated list, or both. For example: 1/1/1, 1/1/3-1/1/6,lag2, lag1-lag4.

Authority

Administrators or local user group members with execution rights for this command.

Usage

When a port filter configuration is applied on the same ingress physical port/LAG, the configuration is updated with the new sets of egress ports/LAGs that are to be blocked for egressing and that are not a part of its previous configuration. Duplicate updates on an existing port filter configuration are ignored.

When egress ports/LAGs are removed from the existing port filter configuration of an ingress port/LAG, egressing is allowed again on those egress ports/LAGs for all packets originating from the ingress port/LAG.

The no portfilter [<IF-NAME-LIST>] command removes port filter configurations from the egress ports/LAGs listed in the <IF-NAME-LIST> parameter only. All other egress ports/LAGs in the port filter configuration of the ingress port/LAG remain intact.

If no physical ports or LAGs are provided for the no portfilter command, the command removes the entire port filter configuration for the ingress port/LAG.

Examples

Creating a filter that prevents packets received on port 1/1/1 from forwarding to ports 1/1/3-1/1/6 and to LAGs 1 through 4:

switch(config)# interface 1/1/1
switch(config-if)# portfilter 1/1/3-1/1/6,lag1-lag4

Creating a filter that prevents packets received on LAG 1 from forwarding to ports 1/1/6 and LAGs 2 and 4:

switch(config)# interface lag 1
switch(config-lag-if)# portfilter 1/1/6,lag2,lag4

Removing filters from an existing configuration that allows back packets received on port 1/1/1 to forward to ports 1/1/6 and LAGs 3 and 4:

switch(config)# interface 1/1/1
switch(config-if)# no portfilter 1/1/6,lag3,lag4

Removing all filters from an existing configuration that allows back packets received on LAG 1 to forward to all the ports and LAGs:

switch(config)# interface lag 1
switch(config-lag-if)# no portfilter