Comware

I have four brand new 2620's.  All running the same firmware version.  Two of them work perfectly when applying sourece-port filters.  The other two allow me to create the named-list, but the moment I try to apply it to a port, the switch CPU utilization jumps to 100%, the switch stops responding and does not recover.  A hard reset is required each time this happens.  This happens even when there is no traffic on the switch, while connected to the console port.  Is this a bug in the frimware?  Is it a hardware failure?  Has anyone seen this before? 

Below are two configs.  The first one (1Sw1) crashes when ports are added the lists.  The second one (BSw1) works fine as you can see from the config, it has ports added to the lists.

Running configuration:

; J9626A Configuration Editor; Created on release #RA.15.10.0010
; Ver #03:03.17.2f:38
hostname "1Sw1"
filter source-port named-filter "WiFi" drop 3-49,52
filter source-port named-filter "OFFICE_102" drop 3-44,47-49,51-52
sntp server priority 1 10.254.1.254
no stack
no telnet-server
no web-management
web-management ssl
ip route 0.0.0.0 0.0.0.0 10.254.1.254
ip routing
interface 2
name "LINK_TO_SERVER"
exit
interface 49
name "CASCADE_TO_1Sw2"
exit
interface 50
name "UPLINK_TO_FW"
exit
interface 51
name "LINK_TO_WiFi"
exit
interface 52
name "CASCADE_TO_BSw1"
exit
snmp-server community "public" unrestricted
no snmp-server enable
vlan 1
name "MGMT"
no untagged 3-48
untagged 1-2,50
tagged 49,51-52
ip address 10.254.1.1 255.255.0.0
exit
vlan 10
name "DEFAULT"
untagged 3-48
tagged 49,52
ip address 10.10.0.1 255.255.0.0
ip helper-address 10.254.1.250
exit
vlan 19
name "GUEST_WiFi"
tagged 51-52
ip address 10.19.0.1 255.255.0.0
ip helper-address 10.254.1.250
exit
vlan 20
name "WIFI"
tagged 51-52
ip address 10.20.0.1 255.255.0.0
ip helper-address 10.254.1.250
exit
spanning-tree
spanning-tree priority 0 force-version rstp-operation
no dhcp config-file-update
password manager
password operator

------------------------------------------------------------------

; J9626A Configuration Editor; Created on release #RA.15.10.0010
; Ver #03:03.17.2f:38
hostname "BSw1"
filter source-port named-filter "WiFi" drop 1-49
filter source-port named-filter "OFFICE_1" drop 1-38,43-49,51
filter source-port named-filter "OFFICE_2" drop 1-42,47-49,51
filter source-port 51 named-filter "WiFi"
filter source-port 39-42 named-filter "OFFICE_1"
filter source-port 43-46 named-filter "OFFICE_2"
no stack
no telnet-server
no web-management
web-management ssl
ip default-gateway 10.254.1.1
interface 49
name "CASCADE_TO_BSw2"
exit
interface 50
name "UPLINK_TO_1Sw1"
exit
interface 51
name "LINK_TO_WiFi"
exit
snmp-server community "public" unrestricted
no snmp-server enable
vlan 1
name "MGMNT"
no untagged 1-48
tagged 49-52
ip address 10.254.0.1 255.255.0.0
exit
vlan 10
name "DEFAUlT"
untagged 1-48
tagged 49-50
no ip address
exit
vlan 19
name "GUEST_WiFi"
tagged 50-51
no ip address
exit
vlan 20
name "WIFI"
tagged 50-51
no ip address
exit
no dhcp config-file-update
password manager
password operator

Doesn't sound at all healthy. I'd suggest calling support.

Upgrade them to the latest firmware first.

They are running the latest firmware.

What happens if you try to apply it with the port in "disable" state?

I hadn't tried it with the port "admin down" but I did try it with no traffic at all on the switch.  I connected to the console port and unplugged every other port.  Still crashed.