Hello

spanning-tree portfast 
spanning-tree bpdufilter enable
spanning-tree bpduguard enable

I labbed this up some time back and these are the results:

Portfast:
when enabled, skips listening and learning state,
when interface is brought up, regardless of being configured in interface mode,
or from global config -

Enabled From global config if bpgdu are seen only in this mode then portfast status is lost.
Enabled From port config port stills continues to be in portfast regarless


BPDU Guard:
BPDUs, when seen on portfast enabled ports, shuts down (err-disables) the port.   
May be applied from global or interface config.   

If applied in interface config, portfast doesn't need to be enabled,
and if BPDUs show up, it will still put the port in err-disable.
 


BPDU Filter:
Stops BPDUs from being sent or received on ports that are operationally using portfast.

If configured from global config,
BPDUs will trigger the port to stop using portfast( normal STP State) and BPDU filtering will stop on that port.   

If applied in interface config,
BPDUs will be filtered, regardless of portfast operational state protential

Enabling BPDU filtering on an interface is the same as disabling spanning tree on it and can result in spanning-tree loops.


res
Paul