Editing dynamic rules with the gui, Table 4 – Force10 Networks PSeries 100-00055-01 User Manual
Page 28
28
Graphical User Interface
describes the four possible combinations of capture/forward policies.
Editing Dynamic Rules with the GUI
Dynamic rules are stored in the file rules.custom in the /usr/local/pnic/0 directory. The GUI provides a
quick way to access and modify these rules by invoking the vi editor on this file.
Table 4 Managing Rules Using the GUI
Option
Description
Edit Rules
This option invokes the vi editor on the file rules.custom in the /user/local/pnic/0
directory (see
“Editing Dynamic Rules with the GUI” on page 28
•
You can add, delete, or modify dynamic rules for either of the processing
channels (see
for information on vi).
•
The rules are automatically compiled and loaded into the appliance; you are
prompted to confirm these actions.
Manage Rules
This option instructs the DPI on handling matching packets.
•
It displays a list of all the rules contained in the FPGA and the policy setting for
each.
•
There are four policies available, and they are described in
.
•
Rules configured to ignore a packet—that is, the policy setting is permit or
deny—take precedence over rules that have a policy setting of alert or divert.
Therefore, a permit or deny rule disables the capturing for all other rules that
match the same packet.
•
To modify policy settings, see
“Managing Capture/Forward Policies with the
Note: The
Capture toggle is not used. Capture/forward settings can only be
modified through the graphical user interface.
Manage Firmware
It displays the firmware files in /usr/local/pnic/firmware and allows you to select
one to be uploaded to the FPGA. Selecting firmware restarts and reloads the
FPGA.
To manage firmware, see
“Selecting Firmware with the GUI” on page 30
Table 5 Capture/Forward Policies
Policy
Capture
Forward
Permit
3
Deny
Alert
3
3
Divert
3