HP UX IPQos Software manual 67

HP-UX IPQoS Configuration Files

Filter Blocks

Syntax Rules

The following rules apply to address and port attributes:

•Specify addresses and ports as singles or ranges.

•Specify IP addresses using the dot-notation for IPv4 and colon-notation for IPv6.

The address family of the first specified IP address determines the address family recognized by the filter. If you specify an IPv4 address the filter matches IPv4 packets. The same applies for IPv6. You cannot specify both IPv4 and IPv6 addresses in one filter. If you want to match an address or range regardless of IP format, duplicate the filter and specify the required address once in IPv4 for one filter and in IPv6 for the other filter. Attach both filters to the same policy.

•If you specify an address but not a network protocol, then the format of the address is used to set the network protocol.

•You can specify addresses numerically or by host name. Host names are converted using the standard name-to-address lookup functions, and are resolved when the configuration is loaded.

You can specify ports numerically or by the service name. The service name is converted to a number using /etc/services. The range for valid port numbers is 0-255 inclusive.

•If a host name or service name resolves to more than one address or port, the filter is automatically duplicated for each address or port. This is referred to as expansion.

If the original filter name is filterX, the set of expanded filters is named filterX_1, filterX_2 and so on. If filter filterx_1 is also expanded, the set of expanded filters is named filterX_1_1 and filterX_1_2.

For example, if filterX uses both host names and service names, then filterX is expanded once to resolve host names to addresses. All resultant filters are expanded again to resolve service names to port numbers.

•When a port is specified by a service name rather than a number, you can specify the associated transport protocol on the same line. The shortcut syntax is as follows:

port_service_name/transport_protocol_name

For example: dstport http/tcp

Use this shortcut to avoid expanded filters that would otherwise be created. For example, specifying dstport http creates dstport http/udp and dstport http/tcp.