Net Optics Director

Filter parameters

Switches and filters are defined using the filter add and filter ins commands. The filter add command syntax is:

filter add in_ports=<portlist> <filter_parameter_list> action=<redir|drop> redir_ports=<portlist>

The <filter_parameter_list> is a sequence of zero or more of the filter qualifiers as listed in the following table.

If the <filter_parameter_list> is empty, the filter add command specifies an aggregation of the traffic received on all of the in_ports. If the action=redir, the aggregated traffic stream is regenerated to all of the redir_ports.

If the <filter_parameter_list> contains filters, aggregation and regeneration take place as described in the previous paragraph. However, the filters are applied to the aggregated traffic stream before it is copied to the Monitor ports. If multiple filter qualifiers are specified, a packet must satisfy all of the filter qualifiers in order to be copied to the Monitor ports. In other words, the filter qualifiers are combined with a logical AND condition. A logical OR condition can be created by using multiple filter add commands with identical port lists.

The filter add and filter ins commands define filters but do not activate them. A subsequent filter commit or commit command must be executed to activate the filters. This mechanism enables an interrelated group of filters to be activated simultaneously. It also allows you to double-check your filter definitions before you activate them.

It is important to note that packets are filtered using a Content Addressable Memory or CAM. Each filter is a CAM entry, and the CAM is filled in the order that the filter add commands are received. Filter ins commands create filters in specific locations in the CAM. When a packet is processed, the first filter in the CAM that matches the packet is the only filter that is activated. Each packet can activate exactly zero or one filters. See Understand filter interactions near the end of Chapter 3 for examples.
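The first-match behavior described above decides which monitoring tool, if any, sees a given packet, so a broad filter committed ahead of a narrow one silently hides traffic from the tool behind the narrow one. The following Python model is an added example, not Net Optics code: the port names n1.1 and m.1, the sample packet, the list index standing in for the filter ins CAM location, and the netmask interpretation of the mask qualifiers are assumptions.

```python
import ipaddress

def _ip(addr):
    return int(ipaddress.IPv4Address(addr))

def entry(in_ports, action, redir_ports=(), **quals):
    return {"in_ports": set(in_ports), "action": action,
            "redir_ports": tuple(redir_ports), "quals": quals}

def matches(flt, pkt):
    """True only if the packet satisfies every qualifier (logical AND)."""
    if pkt["in_port"] not in flt["in_ports"]:
        return False
    quals = flt["quals"]
    for key, want in quals.items():
        if key.endswith("_mask"):
            continue  # consumed together with its address qualifier
        if key in ("ip_src", "ip_dst"):
            # Assumption: netmask semantics, only the set bits are compared.
            mask = _ip(quals.get(key + "_mask", "255.255.255.255"))
            if _ip(pkt[key]) & mask != _ip(want) & mask:
                return False
        elif pkt.get(key) != want:
            return False
    return True

def classify(active, pkt):
    """First matching CAM entry wins: (index, action, redir_ports) or None."""
    for i, flt in enumerate(active):
        if matches(flt, pkt):
            return i, flt["action"], flt["redir_ports"]
    return None

def demo():
    # Constructed sample packet and port names (n1.1, m.1), not from a capture.
    pkt = {"in_port": "n1.1", "ip_src": "168.10.4.77", "ip_dst": "10.0.0.5",
           "ip_proto": 17, "l4_src_port": 40000, "l4_dst_port": 53}
    pending, active, seen = [], [], []
    pending.append(entry(["n1.1"], "drop", ip_proto=17))            # filter add
    pending.append(entry(["n1.1"], "redir", ["m.1"], ip_proto=17, l4_dst_port=53))
    seen.append(classify(active, pkt))   # defined but not committed
    active = list(pending)               # commit
    seen.append(classify(active, pkt))   # broad drop shadows the redirect
    pending.insert(0, entry(["n1.1"], "redir", ["m.1"], ip_proto=17,  # filter ins
                            l4_dst_port=53, ip_src="168.10.4.1",
                            ip_src_mask="255.255.255.0"))
    active = list(pending)               # commit again
    seen.append(classify(active, pkt))   # specific entry now sits first
    return seen
```

demo() returns the three classifications in order: no match before the commit, the UDP drop entry once committed, and the redirect to m.1 after the narrower filter is inserted ahead of it.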

All supported filter qualifiers are shown in the following table.

Director Filter Parameters

| <qual> | <value> | Example | Description |
|---|---|---|---|
| ip_src | IPv4 address | ip_src=168.10.4.1 | IP source address |
| ip_src_mask | IPv4 address mask | ip_src_mask=255.255.255.0 | Mask for IP source address |
| ip_dst | IPv4 address | ip_dst=1234:5678::9abc | IP destination address |
| ip_dst_mask | IPv4 address mask | ip_dst_mask=255.255.255.0 | Mask for IP destination address |
| ip_proto | Number* | ip_proto=6 | Layer 4 IP protocol |
| l4_src_port | Port number | l4_src_port=80 | Layer 4 source port |
| l4_dst_port | Port number | l4_dst_port=80 | Layer 4 destination port |
| vlan | VLAN number | vlan=128 | VLAN |

* See Appendix C for a complete list of protocol numbers. Some common protocols include:

| Number | Keyword | Protocol |
|---|---|---|
| 1 | ICMP | Internet Control Message Protocol |
| 2 | IGMP | Internet Group Message Protocol |
| 6 | TCP | Transmission Control Protocol |
| 17 | UDP | User Datagram Protocol |
| 89 | OSPF | Open Shortest Path First |
| 132 | SCTP | Stream Control Transmission Protocol |
