Manuals / Fluke / Computer Equipment / Computer Accessories

Fluke Computer Accessories Protocol, Source port, Dest port, Src/dest port, Source application

Models: Computer Accessories

1 88

Download 88 pages 62.63 Kb

Page 33

User’s Guide – version 3.5

NetFlow Tracker

Protocol

You can restrict the set of IP protocols considered. For example, you may want to consider only UDP or ICMP traffic while investigating a denial-of-service attack.

Source port

The source port filter restricts the source application port number; it should be used in conjunction with the protocol filter.

Dest port

This restricts the destination application port number.

Src/dest port

This filter will consider traffic with the given port number as either the source or destination.

Source application

The source application filter restricts the IP protocol and source application port number. You can enter a port number and protocol manually or you can select from the configured in the IP Application Names settings page.

Dest application

This restricts the protocol and destination application port, selectable by name.

Src/dest application

This filter considers traffic using the given application as either the source or destination.

Recognised application

This filter selects traffic with the given source or destination application. Whether the source or destination application is considered depends on whether it has a name defined in the IP Application Names settings page, or if both or neither have names, whichever has the lower port number.

Identified application

This filter selects traffic with the given identified application. In order for applications to be identified the NetFlow device must support the functionality and its identified application mapping must be configured in Device Settings.

ToS

You can report only on traffic bearing any one of a set of type-of-service byte values. You build the ToS byte value by picking the priority and the minimize delay (D), maximise throughput (T), maximise reliability (R) and minimise monetary cost (M) flags. If you leave the priority or any of the flags empty then only the fields you supplied a value for are considered. Thus you can match traffic of a given priority with any flags, or with particular flags set or unset but any priority and any values for the other flags.

33

Image 33

Fluke Computer Accessories manual Protocol, Source port, Dest port, Src/dest port, Source application, Dest application

Contents

User’s Guide Version NetFlow TrackerMay Copyright 2004 - 2007 Fluke Corporation. All rights reserved All product names are trademarks of their respective companiesINSTALLATION ContentsUSING NETFLOW TRACKER User’s Guide - versionCONFIGURATION GUIDE PERFORMANCE TUNINGLONG-TERM REPORTS REPORTSAPPENDIX 2 CSV FILE FORMAT APPENDIX 1 DEVICE CONFIGURATIONAPPENDIX 3 XML FORMAT APPENDIX 4 THIRD PARTY SOFTWARE COMPONENTSSoftware License Agreement 2. EVALUATION, UPDATES, UPGRADES AND SUPPORT AND MAINTENANCE1. GRANT OF LICENCE AND PAYMENT OF FEES User’s Guide - version3. COPYRIGHT 5. LIMITED WARRANTY4. OTHER RESTRICTIONS User’s Guide - version7. NO OTHER WARRANTIES 6. CUSTOMER REMEDIES8. NO LIABILITY FOR CONSEQUENTIAL DAMAGES 9. TERMINATION12. EXPORT CONTROL 11. CONFIDENTIAL INFORMATION AND SECURITY13. GOVERNING LAW AND JURISDICTION 14. MISCELLANEOUSUser’s Guide - version NetFlow Tracker14.4 If any provisions of the Agreement are held to be unenforceable, illegal or void in whole or in part the remaining portions of the Agreement shall remain in full force and effect Appendix 1 to End User Licence Terms and Conditions for Fluke Support and Maintenance Service1. Definitions User’s Guide - version3. Support Charges 2. Support Services4. Undertakings by You 5. Supplier’s Undertakings7. Intellectual Property Rights 6. Limitation of Liability and indemnity8. Termination User’s Guide - version10 Miscellaneous 9. Confidential Information and SecurityUser’s Guide - version NetFlow Tracker4. Exceptions to Support Services Schedule Support Services1. Support Hours 3. Response TimesWhat is NetFlow Tracker? What is NetFlow?Features and Benefits IntroductionNetFlow Tracker User’s Guide - versionPre-installation Checks InstallationMinimum System Requirements Operating System SupportJava Runtime Environment installation Installation on Microsoft WindowsSetup Type Unsupported MySQL detectionPost-installation Tasks Installation on LinuxCustom Setup Ready to InstallSet up web front-end security Set up SNMP community stringsConfigure your routers and switches Add listener portsReal-time Data Using NetFlow TrackerLong-term Data Executive ReportsInterfaces Device traffic metersUser’s Guide - version NetFlow TrackerChanging the displayed chart Working with ChartsThe chart legend Per-AS dataView a standard chart as a tabular report View a standard chart as a pie chartZooming in Zooming outExport a chart to another application Alter the filter applied to a standard chartPrint the chart Open the chart in a new windowView a pie chart as a standard chart Working with Pie ChartsView a tabular report as a chart Working with Tabular ReportsExamine a single row Sort a tabular reportUser’s Guide - version NetFlow TrackerAddress Reports Report TemplatesSession Reports User’s Guide - versionNetwork Reports QoS ReportsUser’s Guide - version NetFlow TrackerInterface Reports Creating Filtered ReportsTraffic Identification Reports Other ReportsSample size Report templateSource data Start timeSource device Time zoneIn interface Out interfaceSource port ProtocolDest port Src/dest portTraffic class DiffServSource AS Dest ASDevices and Interfaces Long-term ReportsPer-device and Per-interface Long-term Reports Filter EditorNetFlow Tracker User’s Guide - versionReports User’s Guide - versionNetFlow Tracker General Form Report URL FormatReport Format Parameters http//serverport/report.jsp?prm=value&prm=value0024 00230025 0026chart A tabular report will be generated defaultA chart over time will be generated A pie chart will be generatedChart title, if applicable Main report or chart bodyChart legend, if applicable featuresThe report will not reload automatically default Fully interactive HTML defaultTime Range Parameters htmlmillis Fixed lengthCalendar-based simple hourCalendar-based advanced The time range will extend for this number of unitsUser’s Guide - version NetFlow TrackerApplying a time-of-day mask to the time range HHmmday1-day2/time1-time2 User’s Guide - versionSpecifying a time zone User’s Guide - versionNetFlow Tracker NetFlow Tracker User’s Guide - versionGMT+0200 Bucharest GMT+0200 Cairominute Specifying the chart sample sizeMinutes Each sample will be this number of units long10minute Filter Parameters1hour 6houraddr1-addr2 nameThe protocol name, such as TCP or UDP The protocol number, in the rangeport/number port/nameport1-port2/name port1-port2/numberprec%20tos preccode bytemask addr/maskUser’s Guide - version NetFlow TrackerSecurity Parameters passwordusername User’s Guide - versionsecret Management Portal Access Control Parametersnull No filter editors are permittedIn/Out Interface Out InterfaceProtocol Source PortChart selection headers Chart scrollbarFilter Editor button, if applicable Refresh and Resolve All buttons, if applicableDatabase Server Settings Performance TuningDisk Speed Query SizeSNMP Settings Configuration GuideLicensing Listener PortsDevice Settings Device SettingsGeneral Settings SNMP SettingsTraffic Classes Sampled Data ScalingIdentified Applications InterfacesVPNs Security SettingsDeleting a Device User’s Guide - versionhttp//proxy/tracker1/report1 Management Portal Settingshttp//tracker1/report.jsp?portalsecret=secret&aclif= http//proxy/tracker1/report.jsp?portalacl=RewriteEngine On Using Apache as a Portal ServerRewriteRule /tracker1/.*$ http//1.2.3.4/$1 P,L,QSA ProxyPassReverse /tracker1/ http//1.2.3.4General Settings Report SettingsReal-time Reports User’s Guide - versionScheduled Reports Saved FiltersUser’s Guide - version NetFlow TrackerLong-term Reports User’s Guide - versionNetFlow Tracker Executive Reports User’s Guide - versionNetFlow Tracker span class=”repdesctext”Test/span User’s Guide - versionNetFlow Tracker Content nelements=5 and chartWidth=400An Example Executive Report - Top Applications Today and This Week Sub-reportsThe fourth row consists of a single sub-report cell containing the chart legend for the first sub-report. No interactive controls are supported. Simply select “Today” as the report, “Legend” as the only section, and deselect all controls. Don’t forget to make the cell cover two columns User’s Guide - versionNetFlow Tracker IP Application Names Hostname Resolution SettingsDiffServ Names User’s Guide - versionAS Names Database SettingsSubnet Names User’s Guide - versionc enter cd \nftracker enter Backupcd /usr/local/nftracker enter chown -R nftnft .systemPrefsLast long-term database maintenance duration Memory SettingsLast real-time database maintenance duration ArchivingTraffic Described NetFlow Data ReceivedIgnored Flows Unprocessed FlowsetsNo In Interface AboutUser’s Guide - version NetFlow TrackerEnabling NetFlow Export/NDE on a Cisco Router or Layer 3 Switch Appendix 1 Device ConfigurationEnabling Netflow Export on an IOS Device ip cefip flow-cache timeout inactive ip flow-cache timeout activeinterface interface exitip route-cache flow infer-fields Enabling NetFlow Export on a 4000 Series SwitchEnabling NDE on a Native IOS Device mls netflowmls flow ip full mls flow ip interface-full mls nde interfaceUser’s Guide - version NetFlow Trackerset mls bridged-flow-statistics enable vlanlist Configuring NDE on a CatOS Deviceset mls nde enable set system name nameinterface interface service-policy input netflowpolicymap exit Configuring NetFlow Input Filters for Traffic Class ReportingEnabling Flow Detail Records on a Packeteer Device flow-sampler-map allflows mode random one-out-of 1 exitset netflow port port-string enable set netflow cache enableEnabling NetFlow on an Enterasys Device set netflow export-destination addressPie chart CSV format Chart CSV formatAppendix 2 CSV File Format Tabular report CSV formatPie chart XML format Chart XML formatAppendix 3 XML Format Tabular report XML formatApache Commons Collections Appendix 4 Third Party Software ComponentsApache Commons Logging Apache Log4jQuartz jspSmartUploadUser’s Guide - version NetFlow Tracker