When you create Traffic Management filters, you can modify the sequence in which they fire by selecting a filter and using the Move Up and Move Down buttons at the bottom of the screen. In general, more specific filters should come first. For example, a more specific IP filter might block traffic with fully qualified source and destination IP addresses and ports. More general ones, like those that apply to subnets, should follow.
Packets that match "allow" or "rate-limit" filters are inspected by other types of filters. In other words, the system does not allow attacks through because the packet matched an "allow" filter. You can also set the filters to trust traffic. Trusted filters instruct the IPS not to inspect the traffic, allowing the traffic to continue without comparing it with any other filter rules.
- Log in to the SMS from a client.
- From the top navigation pane, click Profiles. The Profiles screen displays.
- From the navigation pane on the left, click the + sign next to the Inspection Profiles to expand the category.
- From the navigation pane on the left, locate and expand the Profile you will be working with.
- Select User Defined Filters.
- Select Traffic Management. The Traffic Management screen displays.
- On the Traffic Management screen, move filters into an order for use by the system.
- Select the appropriate filter and click the appropriate button:
- Move Up
- Move Down
- The new order is automatically saved.
Reference: SMS User Guide