HP VCX Software manual Packet Type Selection, IP Address Selection, Protocol/Port Selection

Page 147

Chapter 9. Logging

Packet Type Selection

You can limit the selection to only allowed packets or rejected/discarded packets, or a subset of these. For example, you can select allowed, un-NAT:ed packets only.

IP Address Selection

You can limit the selection by specifying certain IP addresses.

In these fields, enter a single IP address (e. g., 10.3.27.3), a range of IP addresses (e. g., 10.3.27.1-10.3.28.254), an IP address followed by a netmask (e. g.,10.3.27.0/24), a combi- nation of these, or nothing at all. If a field is empty, all IP addresses are selected.

If you want to study all traffic except the one to or from a specific computer or group of computers, enter the IP address(es) here and mark the "not this address" box.

The selection can be modified by the control boxes under the fields A and B:

A src

Packets from the IP address in field A matches. Field B is ignored.

A dst

Packets to the IP address in field A matches. Field B is ignored.

A any

Packets to or from the IP address in field A matches. Field B is

 

ignored.

A to B

Packets from A to B matches.

B to A

Packets from B to A matches.

Between A&B

Packets from A to B, or from B to A, matches.

not this combination

Packets that do not match the given combination of A and B are

 

shown in the log.

If you, for example, want to study all packets to or from 10.3.27.18, except those to the file server 10.3.27.2, you should fill in the form like this:

Protocol/Port Selection

You can limit the selection by specifying certain protocols.

All IP protocols

No restriction regarding protocols.

TCP/UDP

When selecting TCP or UDP, you can choose all packets or packets to certain ports only.

In these fields, you can enter a single port number (32), a range of port numbers (1-1023), a list of port numbers and ranges separated by commas (53, 1024-65535) or nothing at all. If

139

Image 147
Contents Version 3Com Telecommuting ModulePage United States Government Legend Page Table of Contents Page Part I. Introduction to 3Com VCX IP Telecommuting Module Page What is a Telecommuting Module? Introduction to 3Com VCX IP Telecommuting ModuleConfiguration alternatives DMZ/LAN Configuration DMZ ConfigurationStandalone Configuration Quick guide to 3Com VCX IP Telecommuting Module installationIntroduction to 3Com VCX IP Telecommuting Module About settings in 3Com VCX IP Telecommuting Module Introduction to 3Com VCX IP Telecommuting Module Installation with a serial cable Installing 3Com VCX IP Telecommuting ModuleInstallation Installation with magic pingPage Page Page Page Installation with a diskette Page Page Remember to lock up the Telecommuting Module Turning off a Telecommuting ModuleInstalling 3Com VCX IP Telecommuting Module Configuring 3Com VCX IP Telecommuting Module Logging onLog on again Navigation Log outSite Map Network Configuration AdministrationSIP Services Basic ConfigurationVirtual Private Networks Quality of ServiceOverview of configuration FailoverPreliminary and permanent configuration Page Mask/Bits IP addressNo. of computers Mask Bits Name queries in 3Com VCX IP Telecommuting ModulePage Configuring 3Com VCX IP Telecommuting Module Part II. How To Page How To Configure SIP DMZ Telecommuting Module, SIP server on the WANNetworks and Computers Surroundings Interoperability Basic SettingsRouting FilteringSave/Load Configuration DMZ Telecommuting Module, SIP server on the LANNetworks and Computers Basic Settings Routing Standalone Telecommuting Module, SIP server on the WAN Basic Settings Filtering Standalone Telecommuting Module, SIP server on the LAN Client SettingsBasic Settings Interoperability DMZ/LAN Telecommuting Module, SIP server on the WAN Basic Settings Filtering DMZ/LAN Telecommuting Module, SIP server on the LAN Interoperability Filtering LAN Telecommuting Module Surroundings Filtering Remote SIP Connectivity Firewall How To Configure SIP Outgoing Calls How To Configure Advanced SIPShow One Number When Calling Show Different Numbers When Calling Incoming Calls Page Authentication by Accounts a.k.a SIP Trunk via SIP accounts Page Page Page Incoming Calls Page Multiple Operators Least Cost Routing Page Multiple PBXs How To Configure Advanced SIP How To Configure Advanced SIP Page Page Page Page Name of this Telecommuting Module Basic ConfigurationBasic Configuration GeneralDefault domain IP Policy DNS ServersPolicy For Ping To Your 3Com VCX IP Telecommuting Module Look up all IP addresses again Access ControlCancel SaveUser Authentication For Web Interface Access Configuration Allowed Via InterfaceConfiguration Transport Configuration via Https Configuration via HttpConfiguration Computers Configuration via SSHDNS Name Or Network Address Via IPsec Peer Network addressNetmask/Bits RangeRadius Secret Radius ServersRadius server PortIdentifier Contact IP AddressStatus for Radius Servers Consecutive sends ScoreSent requests Received repliesValue Configuration of a Radius serverNode location Snmp v1 and v2cTelecommuting Module IP address to respond to Snmp requests Contact personCommunity Access via SNMPv1 and SNMPv2cAccess via SNMPv3 SnmpUser PasswordAuthentication Snmp TrapsVersion Resource MonitoringTrap sending function Trap receiverCPU Load Trap Levels Download the 3Com MIBSIP Sessions Trap Levels SIP User Registrations Trap LevelsUse DynDNS Dynamic DNS updateDynDNS service DynDNS General ConfigurationUsername IP address for updatesUser, Smtp Server Wildcard hostnames Offline URL redirectionDNS Name DNS Names to Update at DynDNSSmtp server is backup Smtp serverCertificate CertificatesPrivate Certificates NameCreate certificate or certificate request CA Certificates Timeouts AdvancedCA Certificate Timeout for Icmp connections Timeout for one-way UDP connectionsTimeout for two-way UDP connections Timeout for established TCP connectionsDMZ/LAN Configuration Telecommuting Module Type configuration Current Telecommuting Module TypeChange Telecommuting Module Type to Change type Test Preliminary Configuration AdministrationDuration of limited test mode Save/Load ConfigurationBackup Show Message About Unapplied ChangesApply configuration Save/Load CLI Command File Reload Factory Configuration Show ConfigurationRevert to Old Configurations Abort All EditsUser Administration Password For the ’admin’ AccountOld password Account Type New password, Confirm passwordChange administration password Other AccountsCurrently Logged In Administrators Step UpgradeUpgrade Log OutTable Look Try the upgradeAccept upgrade Abort upgradeEdit Column Change Time Zone Date and TimeSet date and time manually Change Date and Time ManuallyDate TimeNTP Servers To Use If NTP Is Enabled Change Date and Time With NTPSynchronize time with NTP Automatic Restart of the SIP Module Reboot Your 3Com VCX IP Telecommuting ModuleRestart Restart the SIP ModuleAdministration Administration 118 Networks and Computers Network ConfigurationName SubgroupLower Limit Create Upper LimitInterface/VLAN Delete RowInterface Default GatewayMain Default Gateways PriorityGateway Reference Hosts Policy For Packets From Unused GatewaysInterface Network Interface 1 Physical deviceInterface name Obtain IP Address Dynamically Directly Connected NetworksVlan Name AliasBroadcast address Vlan IdStatic Routing Router Routed networkNamed VLANs VlanInterface Status Interface StatusPPPoE Client Status Dhcp Client StatusAuthentication PPPoEKeep Alive Surroundings LCP echo-request intervalLog class for PPPoE negotiations Data Interfaces NetworkAdditional Negotiators Select a data interface here Network Configuration 136 Display log LoggingDisplay Log Search the LogPacket Selection Support ReportAll IP protocols Packet Type SelectionIP Address Selection Protocol/Port SelectionIcmp IP addresses SIP Packet SelectionCall-ID SIP MethodsTime Limits Show This Export the LogShow newest at top Clear form LogRST Display LoadUnit Packet LoadTime Period DirectionValue View diagram DiagramDiagram Size Diagram HeadingLog class for broadcast packets Inbound TrafficLog class for non-SIP packets Log class for spoofed packetsLog class for Dhcp requests Log class for email errorsLog class for Radius errors Log class for Snmp errorsLog class for ESP packets VPN EventsLog class for IPsec key negotiations Log class for IPsec key negotiation debug messagesSIP Events Other Log Classes Email AddressLocal Log Syslog Log SendingSmtp Server Status for Outbound EmailSyslog Servers Reverts the fields to the previous configuration 157 Logging 158 SIP Module SIP ServicesAdministration of SIP Basic SettingsComment Additional SIP Signaling PortsProvisioning Relay TransportSIP Media Port Range Public IP address for NATed Telecommuting ModuleSIP Servers To Monitor Server SIP LoggingLog class for SIP signaling Interoperability Loose RoutingRelaxed Refer-To Except this from translation Remove Via HeadersTranslation Exceptions SIP ServerExpires Header Force TranslationAlways Translate This URI Encoding Signaling Order of Re-INVITEs Loose Username CheckUser Matching Force Record-Route for All Requests Accept RTP/AVP With sdescriptionsTransmit RTP/AVP With sdescriptions Force Record-Route for Outbound RequestsAccept TCP Marked As TLS Force Remote TLS Connection ReuseRemove Headers in 180 Responses Allow Large UDP PacketsForward Cancel Body Use Cancel Body In ACKPreserve RFC 2543 Hold Allow RFC 2069 Authentication Open Port 6891 For File TransferConvert Escaped Whitespaces in URIs Keep User-Agent Header When Acting as B2BUA Strip ICE AttributesPorts and the maddr Attribute Session Configuration Session timerTimeout for SIP over TCP/TLS Sessions and MediaMedia Configuration Allowed number of concurrent sessionsLimitation of sender of media streams Limitation of RTP Codecs This Codec Is Allowed CodecsType NameRing Tone for Local Ringback Local RingbackMusic on Hold Redirection Local Ringback Played at Call TransferSIP blacklist interval Default timeout for Invite requestsMaximum timeout for Invite requests RequestsMaximum number of retransmissions for non-INVITE requests Base retransmission timeout for SIP requestsRemote SIP Connectivity Maximum number of retransmissions for Invite requestsStun ports Stun ServerStun server Stun server IP addressesIP Address for Remote Clients Remote Clients Signaling ForwardingRemote NAT Traversal Remote NAT traversalNAT keepalive method NAT timeout for UDPNAT timeout for TCP Forward Signaling from IP AddressSIP Methods SIP TrafficAuth MethodTraffic To AllowAction FilteringSender IP Filter Rules From NetworkAllow Content TypesDefault Policy For SIP Requests Content TypeHeader Filter Rules Default Header Filter Policy Local RegistrarLocal SIP Domains Domain Local SIP User DatabaseAuthentication and Accounting Authentication NameRegister From SIP User Database Authentication settingsNetwork Asserted-IdentityUse P-Asserted-Identity Trusted DomainsEmergency Number Dial PlanRadius Accounting Use Dial PlanReg Expr Matching From HeaderTail Matching Request-URIPrefix HeadMin. Tail Forward ToSubno Replacement URIDial Plan Enum Root Request-URIForward To Add PrefixMethods in Dial Plan MethodRegister in Dial Plan Enum Root RoutingDNS Override For SIP Requests Port WeightSIP Routing Order Relay ToRouting Function Class 3xx Message ProcessingUser Static RegistrationsRequests To User Also Forward ToSip/sips Local Refer HandlingAlways handle Refer locally For clients not supporting ReferFrom URIs For Which Refer is Handled Locally For clients not supporting replacesFor dialogs with specified From URI For dialogs with specified User-Agent headerUser Routing AliasRestrict Incoming Callers Forward Send To Voice MailAction Voice Mail Server Domain or IP Address Outbound ProxyFrom Domain Request-URI DomainGateway Tel URIsRegistrar and Session Status Active SessionsMonitored SIP Servers Registered from Registered UsersMonitored SIP server Monitored SIP server statusIP Address Selection ToolsPacket Capture Network Interface SelectionTools Any Icmp Test Results Check NetworkCollect data Check NetworkPage Tools 222 SIP over TCP/TLS Firewall and Client ConfigurationDMZ type SIP over UDPSIP clients DMZ/LAN typeStandalone type SIP clients Part IV Com VCX IP Telecommuting Module Serial Console Page Basic Administration Connecting to the serial consoleMain Menu Wipe email logs Set passwordCommand line interface Exit adminDeactivate other interfaces Physical device nameConfigure from multiple computers Configure from a single computerPassword Wipe email logs Exit admin Set passwordBasic Administration 236 Command Line Reference Command ReferenceHelp and Troubleshooting Modifying Tables Revert-edits List-tablesLoad-factory Modify-rowTable Definitions Config.allowconfig Config.allowviainterfaceConfig.authlogclass Config.mgmtlogclass Config.authenticationConfig.httpservers Config.httpsserversFentalwaysfentinterfaces Failover.ifacerefhostsFent.alwaysfent FentalwaysfentexceptionsFent.mediarelease Fent.mapsignaladdressField Name Field Type Explanation Enabled OnOffToggle Fent.fentkeepalivefirewall.dhcplogclass firewall.defaultpolicyfirewall.blindroutepolicy firewall.broadcastlogclassfirewall.networkgroups firewall.ownlogclassfirewall.pingpolicy firewall.timeclasses firewall.servicesfirewall.policylogclass firewall.spoofinglogclassIdsips.predefinedipsrules Idsips.activeIpsec.espahlogclass Idsips.ratelimitedipsIpsec.cryptodef Ipsec.espproposalsIpsec.nattkeepalive Ipsec.ikelogclassIpsec.ikeproposals Ipsec.ipsecnetsField Name Field Type Ipsec.plutologclassIpsec.plutoverboselogclass Ipsec.radiusauthserverIpsec.tunnelednets Ipsec.userauthlogclassIpsec.x509cacerts Misc.dyndns Misc.conntracktimeoutsIpsec.x509cert Misc.dnsserversField Name Field Type Explanation DomainName Misc.dyndnsnameMisc.fversion Misc.ntpserversMonitor.emailalertlogclass Monitor.cpuloadlevelalarmMisc.unitname Misc.usentpMonitor.logclasses Monitor.memorylevelalarmMonitor.radiuserrorslogclass Monitor.hardwarelogclassMonitor.siplevelalarms Monitor.snmpagentaddressMonitor.snmpagentlogclass Monitor.snmppacketlogclass Monitor.snmpcontactpersonMonitor.snmpmanagementstations Monitor.snmpnodelocationMonitor.snmpv1v2cauth Monitor.snmpv1v2caccessMonitor.snmpv3access Monitor.snmptrapsendingNetwork.aliasaddresses Network.extradefaultgatewaysMonitor.syslogservers Monitor.watchdogsNetwork.interfaces Network.localnetsNetwork.pppoe Field Name Field Type Explanation Server DnsIpAddress Network.routetestserversNetwork.routes Network.vlansPptp.pptplogclass Password.adminusersPptp.pptpenable Pptp.grelogclassField Name Field Type Explanation PPTPOwnIpReference Pptp.pptpserveripPptp.pptpusers Pptp.pptpneglogclassQos.classes Qos.bandwidthsQos.egressdefaultqueueing Qos.ingressdefaultqueueingQos.egressqueueing Qos.tagging Qos.ingressqueueingQos.sipcac Qos.statusSip.allowedcodecs Sip.acceleratedtlsSip.active Sip.addexpireheaderSip.codecfiltering Sip.defaultgatewaySip.authmethods Sip.b2buaofferfromtemplateField Name Field Type Explanation DnsIpAddress Sip.emergencySip.externradiusdb Sip.externalrelaySip.forwardtoheader Sip.forwardcancelbodySip.fixfiletransferport Sip.forcemodifyField Name Field Type Explanation Action Sipfilteractionsel Sip.headerfilterdefaultSip.headerfilterrules Sip.ignoreuriportwhenmaddrSip.localdomains Sip.largeudpSip.lcscompanion Sip.listenSip.mediaencryptionpolicy Sip.looserefertoSip.looseusernamecheck Sip.lrtrueField Name Field Type Explanation Portslower PortNumber Sip.mediaencryptionsettingsSip.mediaencryptionsuite Sip.mediaportsSip.mfull Sip.mediatimeoutsSip.mediarestriction Sip.messageSip.musiconhold Sip.optiontimeoutSip.mimetypes Sip.monitorserverSip.preserve2543hold Field Name Field Type Explanation Timeout OptionTimeoutSip.outboundproxy Sip.percent20towhitespaceSip.relayrules Sip.radiusacctSip.recurseon3xxinb2bua Sip.registrarlimitsSip.ringback Sip.removeviaSip.replyconfig Sip.rewritetoforregisterindpSip.rrouteoutbound Sip.routeusesportSip.routingorder Sip.rroutealwaysSip.sipalias Sip.signaladdressfordestinationSip.siperrorslogclass Sip.sessionlimitsSip.sipmessagelogclass Sip.sipsignalinglogclassSip.siplicenselogclass Sip.sipmedialogclassSip.surroundings Sip.tcptimeoutSip.sttype Sip.stripiceattributesSip.tlsservercfg Sip.tlssettingsSip.tlscacerts Sip.tlsclientcfgField Name Field Type Explanation Uriencodingsel Sip.transactionconfigSip.trusteddomain Sip.uriencodingSip.uaregister Sip.usecancelbodyinackSipswitch.accounts Sipswitch.b2buatransferenableField Name Field Type Explanation User AliasAlias Sipswitch.b2buatransferfromuserSipswitch.dialplan Sipswitch.dialplanenableField Name Field Type Explanation Enabled Fallbacksel Sipswitch.dialplanmethodsSipswitch.enumroot Sipswitch.forwardtoField Name Field Type Explanation Url SipWildcardUrl Sipswitch.incomingunauthSipswitch.requestfrom Sipswitch.requesttoSipswitch.users Sipswitch.userroutingVoipsm.voipsm Sipswitch.voicemailUserdb.radiuslocalendpoint Userdb.radiusserversVoipsm.voipsmdomains AdminPasswordAdminTypeSel Field TypesAuthData AdminUserAliasAlias AliasIpReference AliasUserDnsDynIpNetworkInterface DnsDynIpOtherHost CaReferenceCertReference CryptoDefReference DepUsableVlanInterface DnsDynIpAddressEspCryptoReference FirewallLogclassReference DyndnsPasswordDyndnsServiceSel EnumReferenceIpsecAuthSel InterfaceSelInviteRetransmitCount IpsRuleNameMaxReg IsakmpSALifeLogclassReference MaxMessageSizeIntegerOnOffToggleOn NonemptyStringOnOffButton OnOffToggleOptDepOwnIpReference OptDnsAutoRuntimeReachableHost OptDnsIpAddressOptComment OptDSCPIntegerOptIpsecPeerReference OptForwardToReferenceOptIcmpRangeList OptIpsecNetReferenceOptPercentFloat OptPasswordOptServicesReference OptPercentOptTimeclassReference OptionTimeoutOptSipUserDomain OptStringPercent PptpPasswordRegTimeout PPTPOwnIpReferenceSIPRadiusSel SessionTimeoutSipUserDomainDefaultAll SipUserPasswordSubGroup SnmpPasswordTimerAFloat SipWildcardUrlAccountvoicemailsel AccounttypeselBypasstransportsel AddexpireheaderselAutonegsel BlindselFentkeepalivesel ConfigauthselDpactionsel FallbackselMediaencryptionsuitesel FunctionselFwtypesel HitsnumberQostypesel PingpolicyselPolicysel PqueueselRfc2782priority Rfc2782weightRegexpwithAt RestfuncselSipsel SipauthdirselSipfilteractionsel SipfunctionselSttypesel SnmptrapversionselSnmpv3authsel Snmpv3privacyselSysloglevelsel TlsclientmethodsTlsservermethods Voipsmmethodsel TlsconfselTrusteddomaintransportsel UriencodingselCLI command examples Add and change firewall rulesWindownumber Apply a configuration Part V. Appendices Page Why use SIP? Appendix A. More About SIPSIP Protocol Managing Your Own SIP Domain SIP and FirewallsConfiguring the 3Com VCX IP Telecommuting Module Page Configuring the PBX Configuring the DNS ServerConfiguring the SIP Clients SIP Sessions SIP in 3Com VCX IP Telecommuting ModuleEstablishing a SIP session Contact SIP Packet HeadersRoute Content-TypeVia Record-RouteAppendix A. More About SIP 328 Traffic discarded as spoofed Appendix B. TroubleshootingNetwork troubleshooting No traffic shown in the logSIP Trunking calls via SIP operator SIP troubleshootingSIP users can’t register on the Telecommuting Module SIP users can’t register through the Telecommuting ModuleCall is established, but there is no voice Administration troubleshootingDestination IP addressport is known bad. Skipping SIP errorsLog Messages SIP send failure -1 on socket -1 event numberStopped SIP TCP server IPsec key negotiationsStarting SIP TCP server at port Starting SIP UDP server at portConfiguration server logins Name Port/protocol Description List of the most important reserved portsWWW Cmip Krcmd Kerberos encrypted remote shell -kfall Type Name List of Icmp typesIcmp codes Type Name ReferenceIcmp type Name Code Description Unreachable for Type Protocol number Keyword Internet protocols and their numbersIP intervals Set bits Mask IP address class Class IP in- tervals Reserved IP addressesPage ARP Appendix D. Definitions of termsDMZ 349 Https NAT Nntp 353 PPP SIP Uucp 357 Appendix D. Definitions of terms 358 Terms Appendix E. License ConditionsSoftware developed by Peter Åstrand BSD derived licensesSoftware developed by Carnegie Mellon University Software developed by Cisco Systems Software developed by Gregory M ChristySoftware developed by Digital Equipment Corporation Software developed by Jason Downs Dhcp licenseSoftware developed by Brian Gladman Preamble Software developed by Google, IncGNU General Public License GPL Version 2, JuneGNU General Public License 367 368 No Warranty IBM Public License Software developed in the GIE Dyade cooperation Software developed by Ingate SystemsSoftware developed by Tommi Komulainen USA GNU Library General Public License Lgpl v374 GNU Library General Public License 376 377 Page 379 380 Version 2.1, February GNU Lesser General Public License Lgpl v382 GNU Lesser General Public License 384 385 386 Page Glibc Tzdata 2006a 388 Software in the GNU C distribution Appendix E. License Conditions Appendix E. License Conditions 392 More software in the GNU C distribution 394 License exceptions for gcc/libgcc2.c Disclaimer License exceptions for libstdc++License for lilo LicenseSoftware developed by Paul Mackerras Software developed at M I T Software developed by Pedro Roque MarquesPart 1 CMU/UCD copyright notice BSD like License for Net-SNMPPart 4 Sun Microsystems, Inc. copyright notice BSD Part 5 Sparta, Inc copyright notice BSD Part 6 Cisco/BUPTNIC copyright notice BSD License for OpenSSH License for NTP404 Appendix E. License Conditions 406 407 Snprintf replacement Copyright Patrick Powell 409 License for OpenSSL License for OpenSWAN Release Derived Year Owner GPL- compatible? From Python licenseTerms and Conditions for Accessing or Otherwise Using Python Beopen Python Open Source License Agreement Version Cnri License Agreement for Python CWI License Agreement for Python 0.9.0 Through License for Python Imaging LibraryLicense for Rdisc More software developed by RSA Data Security, Inc Software developed by RSA Data Security, IncLicense for SSL Software developed by Sun Microsystems, Inc License for stunnelLicense for Sun RPC More software developed by Sun Microsystems, IncSoftware developed by Trusted Information Systems, Inc License for termcapSoftware developed by Paul Vixie Software developed by Andrew TridgellVovida Software License v Software developed by Rayan S ZachariassenVovida Software License, Version Software developed at University of California License for zlibOpenswan-kernel 427 Appendix E. License Conditions Appendix E. License Conditions Readlink Appendix E. License Conditions 430 Appendix F. Obtaining Support for Your 3Com Products Register Your Product to Gain Service BenefitsSolve Problems Online Purchase Extended Warranty Professional ServicesAsia, Pacific Rim Telephone Technical Support and Repair Access Software DownloadsContact Us Telephone Technical Support and RepairCountry Telephone Number Latin America Telephone Technical Support and RepairUS and Canada Telephone Technical Support and Repair Index For administrationConfiguration logins From the Telecommuting Module MIBs
Related manuals
Manual 70 pages 30.95 Kb