Add local host filters

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To add local host filters

  1. Open Routing and Remote Access.

  2. In the console tree, click General.

    Where?

    • Routing and Remote Access/server name/IP Routing/General
  3. In the details pane, right-click the interface on which you want to set the filter, and then click Properties.

  4. On the General tab, click Inbound Filters.

  5. In the Inbound Filters dialog box, click New, and create a set of five input filters.

  6. In the Inbound Filters dialog box, click Drop all packets except those that meet the criteria below, and then click OK.

The five filters are described in the following table.

Filter Example

Accept packets sent directly to your computer.

Your router is configured with an IP address of 10.1.1.1 and a subnet mask of 255.255.0.0. To allow packets with a destination of your router, add a filter with a Destination IP address of 10.1.1.1, a Destination Subnet mask of 255.255.255.255, and select Any as the type of protocol.

Accept packets broadcast to the local subnet.

The second filter enables you to receive packets that are going to the 10.1.0.0 subnetted network. Add a filter with a Destination IP address of 10.1.255.255, a Destination Subnet mask of 255.255.255.255, and select Any as the type of protocol.

Accept packets broadcast to all subnets of a class-based network.

Set this filter to allow packets going to all subnets of the network 10.0.0.0. Add a filter with a Destination IP address of 10.255.255.255, a Destination Subnet mask of 255.255.255.255, and select Any as the type of protocol.

Accept packets sent to the limited broadcast (the all-1s address)

Add a filter with a Destination IP address of 255.255.255.255, a Destination Subnet mask of 255.255.255.255, and select Any as the type of protocol.

Accept all IP multicast packets

Add a filter with a Destination IP address of 224.0.0.0, a Destination Subnet mask of 240.0.0.0, and select Any as the type of protocol.

Note

  • To perform this procedure, you must be a member of the Administrators group. As a security best practice, consider using the Run As command rather than logging on with administrative credentials. If you have logged on with administrative credentials, you can also open Routing and Remote Access by clicking Start, clicking Control Panel, double-clicking Administrative Tools, and then double-clicking Routing and Remote Access. For more information, see Default local groups, Default groups, and Using Run as.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

Working with MMC console files
Packet filtering
Add a packet filter
Modify a packet filter
Delete a packet filter