Allied Telesis AT-AR300 manual Vrrp Port Monitoring, Http Proxy Filter File

Page 26

26

Release Note

Table 6: New parameters in the output of the SHOW FIREWALL POLICY COUNTER command.

Parameter

Meaning

 

 

HTTP Proxy Filter File

Name of a text file containing a list of domain names, URLs,

 

keywords and cookie domain filters that are not allowed to

 

pass through HTTP proxies configured under this policy. This

 

parameter is only shown if a URL filter file has been

 

specified for this policy.

 

 

Cookies

Indicates whether or not cookies are allowed to pass

 

through HTTP proxies configured under this policy. If

 

“enabled” is shown all cookies are permitted unless

 

specifically denied by an entry in the HTTP proxy filter file. If

 

“disabled” is shown no cookies are permitted. This

 

parameter is only shown if an HTTP proxy has been

 

configured for this policy with direction set to “out” or

 

“both”.

 

 

Sessions Handled

The number of TCP sessions that have been handled by the

 

proxy.

 

 

URL Denies

The number of times a match to a requested URL has been

 

found in the HTTP proxy filter file resulting in the request

 

being denied.

 

 

URL Allows

The number of times a match to a requested URL has been

 

found in the HTTP proxy filter file resulting in the request

 

being allowed.

 

 

Cookie Denies

The number of times a match to a domain or URL

 

requesting the setting of a cookie has been found in the

 

HTTP proxy filter file resulting in the request being denied.

 

 

VRRP Port Monitoring

Virtual Router Redundancy Protocol (VRRP) is now able to monitor ports in the VLAN over which it is running, and reduce the priority of the router or switch if ports in the VLAN fail.

Ports that are part of a VLAN over which a VR is running can be monitored to detect port failure. This is known as port monitoring. Port monitoring ensures that if a port fails, or is disabled, the VRRP priority will be reduced either by a configured step value or by an amount that reflects the proportion of the VLAN’s ports that are out of service. If the router is the master, and a backup router has a higher priority, the backup router pre-empts the master and becomes the new master.

Port monitoring is a way of implementing a connectivity metric. If the connectivity to the VLAN changes, the router will drop its priority either proportionally or by a certain amount by using the STEPVALUE parameter of the following command:

SET VRRP=vr-identifier[PORTMONITORING={ONOFF}] [STEPVALUE={stepvaluePROPORTIONAL}]

If the stepvalue option is specified, the priority of the VR will be reduced by this value each time a VLAN port fails or is disabled.

Software Release 2.3.1 C613-10325-00 REV B

Page 25 Page 27
Image 26
Page 25 Page 27
Contents Software Release Rapier i Series IntroductionHardware Platforms Hot Swapping Network Service Modules Hot swap an NSM out of an NSM bay Software Features Example output from the Show Interface command NSM Hot Swap Software SupportDomain Name Server Enhancements DNS CachingServer Selection Triggers for Ethernet Interfaces Automatic Nameserver ConfigurationTelnet Server Port Number Enco Channels IP Security IPsec Source Interface Enhancements Ospf on Demand Isdn Rule-based NAT Paladin Firewall EnhancementsInterface-based NAT New Command Syntax Time Limited RulesRelease Note Software Release Web Redirection with Reverse NAT Rules Required parameters for Firewall NAT rules ParametersFurther Examples Firewall and IPsec TunnelStandard NAT Paladin Firewall Http Application Gateway Proxy Show OutputFirewall Http Proxies and Firewall Policies Http FiltersADD Firewall POLICY=zone1 HTTPFILTER=banned.htp Http Cookies Firewall Policy Debugging Show Firewall PolicyVrrp Port Monitoring Http Proxy Filter FileWhere Stepvalue is a decimal number in the range 1 to Border Gateway Protocol 4 BGP-4 IP and Interface Counters Internet Protocol IPTo reset IP interfaces, use the command Example output from the Show IP COUNTER=INTERFACE command Example output from the Show IP COUNTER=SNMP command Telephony PBX Functionality Bandwidth Limiting Errata Telnet ServerInstallation Enable Telnet ServerRelease Note
Top Page Image Contents