Net Optics Smart Filtering none User Manual

Page 39

Advertising
background image

35

*** Confidential - DO NOT Distribute ***

Director

Note: __________________________________________________________________________________________________

Instead of filter add, you can use a filter ins command to define filters. The only difference is that filter ins

allows you to specify the filter's ID, which is its position in the pending filter list. (Use filter list so see the IDs

of all pending filters.) When you use a filter ins command, the first parameter must be id=<id> where <id> is a

decimal number in the range 1 to 999. For example: filter ins id=2 in_ports=n1.1 out_ports=m.1 defines a filter

that sends all the traffic from Network Port 1 to Monitor Port 1 and places this filter in the second location in the

pending filter list.

________________________________________________________________________________________________________

Tip! ___________________________________________________________________________________________________

The filter del command can be used to delete a filter from the pending filter list. The syntax is a filter del id=<id>

where <id> is a decimal number in the range 1 to 999 corresponding to the position in the pending filter list. Use

the filter list command so see the IDs of all pending filters.

________________________________________________________________________________________________________

Exclusive filters

Filters can be specified using action=drop in order to create exclusive filters. (An exclusive filter excludes packets rather

an including them.) For example, suppose you would like to monitor all traffic on a link except for the UDP traffic. To

specify this filter, use the following commands. Note that the drop filter must come first so it is earlier in the CAM.
filter add in_ports=n1.1 ip_proto=17 action=drop

filter add in_ports=n1.1 action=redir redir_ports=m.1

filter commit

Monitor Port 1

All

Network Port 1

(drop)

match

no match

Protocol =

UDP

filter add in_ports=n1.1 ip_proto=17 action=drop

filter add in_ports=n1.1 action=redir redir_ports=m.1

CAM

Address

Filter

1

n1.1 ip_proto=UDP action=drop

2

n1.1 m.1

Creating an exclusive filter

Figure 38:

Tip! ___________________________________________________________________________________________________

If you only define switch connections, with no filtering, the CAM is not involved and the switches do not interact.

________________________________________________________________________________________________________

Tip! ___________________________________________________________________________________________________

Filters that use exclusive sets of Network ports (each Network port is included in only a single filter) do not interact.

For example,

filter add in_ports=n1.1-n1.5 <filter_parameter_list> <monitor_port_list>

does not interact with

filter add in_ports=n1.6-n1.10 <filter_parameter_list> <monitor_port_list>

________________________________________________________________________________________________________

Advertising
Popular Brands
Popular manuals