Create complex filters – Net Optics Smart Filtering none User Manual
Page 33
29
*** Confidential - DO NOT Distribute ***
Director
ip_dst
IP destination address
•
ip_dst_mask
IP source address mask
•
ip_proto
IP protocol
•
l4_src_port
Layer 4 source port
•
l4_dst_port
Layer 4 destination port
•
vlan
VLAN number
•
Create Complex Filters
Multiple filter parameters can be specified in a single filter add command. Packets must satisfy all of the filter
parameters to be selected; in other words, the filter parameters have a logical AND connection.
To select all TCP traffic arriving from IP address 192.186.10.0:
Enter
1.
filter add in_ports=n1.5 ip_src=192.186.10.0 ip_proto=6 action=redir redir_ports=m.1. A filter has been
defined to select all IPv4 TCP packets from Network Port 5 with a source IP address of 192.186.10.0; packets
matching the filter are copied to Monitor Port 1.
Enter
2.
filter commit. The filter is activated.
Monitor Port 1
Network Port 5
Source IP =
192.186.10.0
Network Port 5
Protocol =
TCP
filter add in_ports=n1.5 ip_src=192.186.10.0 ip_proto=6 action=redir redir_ports=m.1
Logical AND filter connection
Figure 28:
A logical OR connection can be made between filters by specifying multiple filters with the same Network and Monitor
port lists.
To select all packets which are either TCP or UDP protocol:
Enter
1.
filter add in_ports=n1.5 ip_proto=6 action=redir redir_ports=m.1. A filter has been defined to select all IPv4
TCP packets from Network Port 5 and copy them to Monitor Port 1.
Enter
2.
filter add in_ports=n1.5 ip_proto=17 action=redir redir_ports=m.1. Another filter has been defined to
select all IPv4 UDP packets from Network Port 5 and copy them to Monitor Port 1.
Enter
3.
filter commit. The filters are activated.