Example 3: Packets Can Match Multiple Filters
Example 3: Packets Can Match Multiple Filters
This example illustrates packets matching more than one filter.
####
#Sample file for packets matching more than one filter
filter generic_http { port http priority 90
}
filter specific_http { port http dstaddrlo 15.0.0.0 dstaddrhi 15.255.255.255
priority 89 #Higher priority (lower number) than generic_http
}
policy generic_http_pol { # uses generic_http
res 15% max 20%
}
policy specific_http_pol { uses specific_http
res 85% max 95%
)
adapter lan0 {
uses generic_http_pol, specific_http_pol
}
####
In this example, traffic to a certain subnet receives more bandwidth than any other traffic. One filter is specified for the generic case and given a priority. Another filter is specified for the particular case and given a higher priority than the generic filter. The specific_http filter selects http traffic going to any host in the 15.*.*.* network. Traffic matching this filter is allowed to use up to 95% of the adapter’s (lan0’s) outbound bandwidth. The specific_http filter has priority set to 89, which is higher than the generic_http traffic filter priority of 90, so the specific_http filter takes priority.
122 | Appendix B |