Create filters – Net Optics Smart Filtering none User Manual

Page 32

Advertising
background image

28

*** Confidential - DO NOT Distribute ***

Director

Create Filters

Filters process a traffic stream by selecting packets based on criteria in the packet header. A filter is defined using a

filter add command, which also specifies the Network ports and Monitor ports the filters apply to. The filter add

command specifies the following behavior:

Traffic is aggregated from all the listed Network ports

Then the filter parameters are applied

Packets which match all of the specified filter parameters are copied to all of the listed Monitor ports, assuming

the action=redir.

If the action=drop, the matching packets are not copied to any Monitor port; this mechanism is used to create

exclusive filters.

To send Monitor Port 1 all traffic received at Network Port 5 from IP addresses 192.168.10.0 to 192.168.10.15:

Enter

1.

filter add in_ports=n1.5 ip_src=192.168.10.0 ip_src_mask= 240 action=redir redir_ports=m.1. A filter

has been defined to select all IPv4 packets from Network Port 5 with a source IP addresses of 192.168.10.0 and the

lowest four address bits masked out (ignored); packets matching the filter are copied to Monitor Port 1.

Enter

2.

filter commit. The filter is activated.

Network Port 5

Monitor Port 1

Source IP =

192.168.10.0 –

192.168.10.15

filter add in_ports=n1.5 ip_src=192.168.10.0 ip_src_mask= 240 action=redir redir_ports=m.1

Simple IP address filter

Figure 26:

To create a filter that selects IPv4 packets by protocol:

Enter

1.

filter add in_ports=n1.3 ip4_prot=3 action=redir redir_ports=m.6,m.8. A filter has been defined to select

all IPv4 packets that use the TCP protocol received at Network Port 3 and copy them to Monitor Port 6 and Monitor

Port 8. (Protocols are designated by an industry-standard numbering system. See Appendix C for details.)

Enter

2.

filter commit. The filter is activated.

Network Port 3

Protocol =

TCP

Monitor Port 6

Monitor Port 8

filter add in_ports=n1.3 ip4_prot=3 action=redir redir_ports=m.6,m.8

Simple IPv4 protocol filter (with regeneration)

Figure 27:

Available filter parameters are listed in Appendix B and include:

ip_src

IP source address

ip_src_mask

IP destination address mask

Advertising
Popular Brands
Popular manuals