Creating Filters Using Command Line Interface

Table 6-6 Protocol Keywords

| Protocol Section | Keyword | Operators | Description and Value Range |
|---|---|---|---|
| IP | src-addr | =, != | Source IP Address (ddd.ddd.ddd.ddd/mask) |
| | dst-addr | =, != | Destination IP Address (ddd.ddd.ddd.ddd/mask) |
| | tcp-src-port | all | TCP source port (1 - 65535) |
| | tcp-dst-port | all | TCP destination port (1 - 65535) |
| | udp-src-port | all | UDP source port (1 - 65535) |
| | udp-dst-port | all | UDP destination port (1 - 65535) |
| | protocol | =, != | IP protocol (UDP, TCP, ICMP) |
| | generic | = | Generic filter |
| IP-RIP | network | =, != | IP network number (ddd.ddd.ddd.ddd/mask) |
| IPX | src-net | =, != | Source IPX network (xx-xx-xx-xx) |
| | dst-net | =, != | Destination IPX network (xx-xx-xx-xx) |
| | src-host | =, != | Source IPX host node address (xx-xx-xx-xx-xx-xx) |
| | dst-host | =, != | Destination IPX host node address (xx-xx-xx-xx-xx-xx) |
| | src-socket | all | Source IPX socket (0x1 - 0xFFFF) |
| | dst-socket | all | Destination IPX socket (0x1 - 0xFFFF) |
| | generic | = | Generic filter |
| IPX-RIP | network | =, != | IPX network (xx-xx-xx-xx) |
| IPX-SAP | network | =, != | IPX network (xx-xx-xx-xx) |
| | node | =, != | IPX node (xx-xx-xx-xx-xx-xx) |
| | server | =, != | Server name (character string to 32 characters) |
| | service-type | =, != | Service type (0x0 - 0xFFFF) |
| | socket | all | Socket (0x1 - 0xFFFF) |
| BR-ETH | src-addr | =, != | Source MAC address (xx-xx-xx-xx-xx-xx) |
| | dst-addr | =, != | Destination MAC address (xx-xx-xx-xx-xx-xx) |
| | generic | = | Generic filter |

Generic Filter Rule

The syntax for generic filters is slightly different than that for other filters:

<line #> <verb> GENERIC => ORIGIN = <FRAME | DATA>/OFFSET = <# of bytes>/LENGTH = <# of bytes>/MASK = <0x mask>/VALUE = <0x value>

ORIGIN - The location in the packet to start the offset count. This location can be at byte 0 (FRAME) or at the start of the protocol data (DATA).

OFFSET - The number of bytes from the origin to skip before comparing the value to the packet contents.

LENGTH - The number of bytes in the packet to compare to the value.

MASK - The mask to logically "and" with the packet contents before comparing with the value (hex).

VALUE - The value (hex) to compare to the packet contents.

For example, a generic bridge filter to prevent all IP packets from being bridged is:

BR-ETH:

1 reject generic=>origin=frame/offset=12/length=2/mask=0xFFFF/value=0x0800;
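
The comparison a generic rule describes can be modelled in a few lines to check a rule before loading it. The Python sketch below is an added example, not code from the manual or the device: it parses the rule above and applies the ORIGIN/OFFSET/LENGTH/MASK/VALUE comparison to constructed frames. The function names, the data_start parameter for ORIGIN = DATA, and the treatment of packets too short to compare are assumptions.

```python
import re

# Added illustration of the rule semantics described above; not device firmware.
RULE_RE = re.compile(
    r"^\s*(?P<line>\d+)\s+(?P<verb>\w+)\s+generic\s*=>\s*"
    r"origin\s*=\s*(?P<origin>frame|data)\s*/\s*offset\s*=\s*(?P<offset>\d+)\s*/\s*"
    r"length\s*=\s*(?P<length>\d+)\s*/\s*mask\s*=\s*(?P<mask>0x[0-9a-f]+)\s*/\s*"
    r"value\s*=\s*(?P<value>0x[0-9a-f]+)\s*;?\s*$",
    re.IGNORECASE,
)

def parse_generic_rule(text):
    """Split one generic rule line into its fields (hex fields become ints)."""
    m = RULE_RE.match(text)
    if not m:
        raise ValueError("not a generic filter rule: %r" % text)
    rule = {"verb": m.group("verb").lower(), "origin": m.group("origin").lower()}
    for key in ("line", "offset", "length"):
        rule[key] = int(m.group(key))
    for key in ("mask", "value"):
        rule[key] = int(m.group(key), 16)
    return rule

def rule_matches(rule, packet, data_start=14):
    """True when (packet bytes AND mask) == value at the rule's position.

    data_start is an assumption: the byte where protocol data begins for
    origin=data (14 is the untagged Ethernet II header length).
    """
    base = 0 if rule["origin"] == "frame" else data_start
    start = base + rule["offset"]
    field = packet[start:start + rule["length"]]
    if len(field) < rule["length"]:
        return False  # assumption: a packet too short to compare does not match
    return (int.from_bytes(field, "big") & rule["mask"]) == rule["value"]

# Constructed sample frames: destination MAC + source MAC, then the type field.
MACS = bytes.fromhex("020000000001020000000002")
IPV4_FRAME = MACS + bytes.fromhex("0800") + bytes(20)
ARP_FRAME = MACS + bytes.fromhex("0806") + bytes(28)
VLAN_IPV4_FRAME = MACS + bytes.fromhex("81000064" "0800") + bytes(20)  # 802.1Q tag first

if __name__ == "__main__":
    rule = parse_generic_rule(
        "1 reject generic=>origin=frame/offset=12/length=2/mask=0xFFFF/value=0x0800;")
    for name, frame in (("IPv4", IPV4_FRAME), ("ARP", ARP_FRAME),
                        ("802.1Q + IPv4", VLAN_IPV4_FRAME)):
        print(name, rule["verb"] if rule_matches(rule, frame) else "no match")
```

The rule compares bytes at a fixed position, so the constructed 802.1Q-tagged frame, which carries 0x8100 at offset 12 and the IP type value four bytes later, does not match it.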

Applying the Rules Using CLI

The sections that follow provide detailed information and examples for creating specific filters based on protocol.

3Com OfficeConnect Remote 812 manual: Protocol Keywords