Intel® Business Client Software Development
Support for Intel® vPro™ software development and technologies associated with Intel vPro platforms.
1381 Discussions

Creating IPV4 filter for not allowing particular IP

MPala11
New Contributor II
‎06-29-2010 08:23 AM
479 Views
Solved Jump to solution

Hi,

I tried to create a filter which will not allow a particular IP using Manageability commander tool

Filter config as below

Filter Info
Direction:Receive(inbound Packets)
Profile:Statistics drop

Filter Matching Info
Filter Type:IP Packets
ProtocolVersion:IPV4
Address:x.x.x.22
Netmask:255.255.248.0
Direction :Receive(inbound)

Create a profile with default values and added the above Filter and enabled the policy in the AMT system.
Policy details
Default Rx filter: No action
Default Tx Filter:No action
Anti Spoofing Filter :No Action

If we ping from x.x.x.22, it will discard the request, since we disabled the receive and ping from other system will work
After enabling policy network of the system was disabled, not able to ping from any system.
Actually we have set filter for one IP address alone, so remaining IP's need to work, but not working
Is it possible to create filter that will not allow a particular IP?

Thanks,
Mani



0 Kudos
1 Solution
Andrew_S_Intel2
Employee
‎06-29-2010 10:46 AM
479 Views
Solved Jump to solution
I apologize if I'm not interpreting your question correctly, but if you just want to block one specific IP address, you should be able to use a netmask of 255.255.255.255. It's been a while since I used the filtering functionality, but I think the netmask you did specify (255.255.248.0) would block any IP address between X.X.1.1 and X.X.7.254.

View solution in original post

0 Kudos
Copy link

Link Copied

2 Replies
Andrew_S_Intel2
Employee
‎06-29-2010 10:46 AM
480 Views
Solved Jump to solution
I apologize if I'm not interpreting your question correctly, but if you just want to block one specific IP address, you should be able to use a netmask of 255.255.255.255. It's been a while since I used the filtering functionality, but I think the netmask you did specify (255.255.248.0) would block any IP address between X.X.1.1 and X.X.7.254.
0 Kudos
Copy link
MPala11
New Contributor II
‎06-29-2010 11:40 AM
479 Views
Solved Jump to solution
Hi Andrew ,
Thanks for the reply.

I found this article is useful for understanding system defense

Intel Active Management Technology System Defense and Agent Presence Overview

Thanks,
Mani

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.