
Figure 6 - 22 Add Packet Content ACL Profile
Click on the boxes at the top of the table, which will then turn red and reveal parameters for configuration. To create a new entry enter the correct information and click Create. To return to the Access Profile List page click Previous
Page.
The following parameters can be set, for Packet Content:
Parameter |
| Description |
|
|
|
|
|
|
| |
|
| |||||||||
Chunk | Allows users to examine up to 4 specified offset_chunks within a packet at one time and specifies | |||||||||
| the frame content offset and mask. There are 4 chunk offsets and masks that can be configured. A | |||||||||
| chunk mask presents 4 bytes. 4 offset_chunks can be selected from a possible 32 predefined | |||||||||
| offset_chunks as described below: |
|
|
|
| |||||
| offset_chunk_1, |
|
|
|
|
|
|
| ||
| offset_chunk_2, |
|
|
|
|
|
|
| ||
| offset_chunk_3, |
|
|
|
|
|
|
| ||
| offset_chunk_4. |
|
|
|
|
|
|
| ||
|
|
|
|
|
|
|
|
|
|
|
|
| chunk0 | chunk1 |
| chunk2 | …… | chunk29 | chunk30 | chunk31 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| B126, | B2, |
| B6, | …… | B114, | B118, | B122, |
|
|
| B127, | B3, |
| B7, |
| B115, | B119, | B123, |
|
|
| B0, |
|
|
| |||||
|
| B4, |
| B8, |
| B116, | B120, | B124, |
| |
|
| B1 |
|
|
| |||||
|
| B5 |
| B9 |
| B117 | B121 | B125 |
| |
|
|
|
|
|
| |||||
|
|
|
|
|
|
|
|
|
|
|
|
| Example: |
|
|
|
|
|
|
|
|
|
| offset_chunk_1 0 | 0xffffffff will match packet byte offset 126,127,0,1 | |||||||
|
| offset_chunk_1 0 | 0xffff will match packet byte offset,0,1 |
|
| |||||
|
| Note: Only one packet_content_mask profile can be created. |
|
| ||||||
|
| With this advanced unique Packet Content Mask (also known as Packet Content Access Control | ||||||||
|
| List - ACL), the | ||||||||
|
| common ARP Spoofing attack that is wide spread today. This is why the Packet Content ACL is |
202