C o n f i g u r a t i o n 91Configure IP FilteringIP Filtering lets you specify rules for handling data packets transitioning aninterface. Based on a set of rules, packets can be passed or blocked whenentering or leaving an interface.IP Filtering is one part of creating a Firewall to protect local networks fromundesirable access.NOTICE: Please refer to the Applications Notes on IP Filtering found inAppendix C for the general information and syntax needed to programthe filter.NOTICE: Because each packet must be tested against one or more filters, IPfiltering may significantly affect IAD performance.To use IP filtering, you must create a text file called filter.st. This file shouldbe created and edited external to the IAD and then downloaded via TFTP orXMODEM. The syntax is defined under the Grammar section on pagepage C-255. To configure IP Filtering, Type “F” on the Router Configurationmenu (Figure 4.51). The IAD displays the IP Filtering Configuration menu.Figure 4.58 IP Filtering Configuration MenuIf the filter.st file is present on the IAD, IP Filtering will be enabled. The IPFiltering Configuration Menu then lets you load and unload rule sets, print thecurrent list of filters, and show and clear IP Filter Statistics.Each option on the above menu is described in detail below.read filter.st Type “1” to have the IAD load a new rule set from the filter.st file. Onceyou have uploaded the file, the IAD will begin filtering without your havingto reboot the IAD. To upload a file to the file system, refer to File SystemMenu on page 3-40.print filters Type “2” to display a list of currently installed input and output filters(Figure 4.59).