Enter filter list to view the pending filter list | Net Optics none

Director

		Pending filter list			CAM

	Address	Filter		Address	Filter

	1	n1.1 ip_proto=UDP action=drop		1	n1.1 ip_proto=UDP action=drop

	2	n1.1 m.1		2	n1.1 m.1

Figure 41: After filter sync

3.Use filter add, filter ins, and filter del commands to change filters as desired.

		Pending filter list			CAM

	Address	Filter		Address	Filter

	1	n1.1 ip_proto=TCP action=drop		1	n1.1 ip_proto=UDP action=drop

	2	n1.1 m.1		2	n1.1 m.1

	3	n1.2 m.2

Figure 42: Filter 1 has been changed and filter 3 has been added

4.Enter filter list to view the pending filter list.

Net Optics> filter list

001 ip_src=00000000/ffffffff,ip_dst=00000000/ffffffff,ip_proto=0006

l4_src_port=0000,l4_dst_port=0000,vlan=0000,action=1 in_ports=00

002 ip_src=00000000/ffffffff,ip_dst=00000000/ffffffff,ip_proto=0000

l4_src_port=0000,l4_dst_port=0000,vlan=0000,action=3 in_ports=00

redir_ports=12

003 ip_src=00000000/ffffffff,ip_dst=00000000/ffffffff,ip_proto=0000

l4_src_port=0000,l4_dst_port=0000,vlan=0000,action=3 in_ports=01

redir_ports=13 Net Optics>

Figure 43: Filter list command

6.Repeat steps 3 and 4 until the pending filter list is consistent with the desired filter configuration.

7.Enter filter commit. The contents of the pending filter list are copied to the CAM, activating the new filter configuration.

		Pending filter list			CAM

	Address	Filter		Address	Filter

	1	n1.1 ip_proto=TCP action=drop		1	n1.1 ip_proto=TCP action=drop

	2	n1.1 m.1		2	n1.1 m.1

	3	n1.2 m.2		3	n1.2 m.2

Figure 44: After filter commit

37

*** Confidential - DO NOT Distribute ***

Image 41

Net Optics none manual Enter filter list to view the pending filter list

Contents

Smart Filtering Appliance Trademarks and Copyrights Contents Appendix B Appendix aAppendix C Filter parameters Chapter Introduction Ease of Use Key FeaturesMonitor port Filtering Passive, Secure Technology Description About this Guide Director internal architecture Director Architecture Director Management USB port Network Links Typical Application Monitoring Tools External Network Tap method IBypass Switch MethodIn-line Monitoring of 10 Gigabit Links Director Front Panel Power LEDsMonitor Port LEDs DNM / Network Port LEDs XFP Director Rear Panel Chapter Installing Director Unpack and Inspect the Director device Plan the Installation Rack Mount the Director device Install Director Network ModulesInstall SFP and XFP Monitor port Modules Connect the local CLI Interface Connect Power to Director Baud Data bits No parity 1 stop bit No flow control Connect the remote CLI InterfaceTip To connect the CLI for remote use over the Management port To log into the CLI Log into the CLI To change the user name and password Configure Director using the CLIChange Director User Name and Password Assign a New Manager IP Address To change the port modeTo assign a new Manager IP address to Director Change Port Modes Set the Current Date and Time Save and Load Director Configurations To view CLI help information Using the CLI Help Command Current config file Using the CLI Command History Buffer To connect a Span port Connect Span Ports to Director To connect an in-line network link Connect Director With In-line Network Links Connect Monitoring Tools to Director Configure a Matrix Switch connection in DirectorCheck the Installation Syntax Chapter Configuring Filters Using the CLI Copy Traffic From Any Network Port to Any Monitor Port Enter filter commit. The switch connection is activated Lter add inports=n1.1 action=redir redirports=m.3-m.5 Regenerate Traffic to Any Set of Monitor Ports To create a filter that selects IPv4 packets by protocol Create Filters Logical and filter connection Create Complex Filters UDP View filters Configurable 10 Gigabit XFP ports used as Network ports Work with configurable 10 Gigabit ports Network Port 11 XFP Port CAM Understand filter interactions Flow diagram now looks as follows N1.1 ipproto=UDP action=drop N1.1 m.1 Exclusive filters Understand pending and active filters To change the Director filter configuration Enter filter list to view the pending filter list Filter capacity User interactions Daisy-chaining Multiple Director Chassis Specifications, chassis Appendix a Director Specifications Environmental Specifications, DNMCertifications Available Models Command Sub-Command Parameters Example and description Appendix B Command Line Interface Filter add and filter ins commands Command may includeFilter add ipv6=n inports=n1.1-n1.3 ip Src=10.1.1.1 action=drop Filter list Load myconfiguration-1Filter running Filter sync Show myconfiguration-1 Save myconfiguration-1Passwd Ping Sysip ipaddr=192.168.1.2 netmask=255.255.0.0 Sysip commitSysip show Time User show This This command is only available at root level CommandUser add name=bob pw=bob-pw priv=3 Is only Director Filter Parameters Qual Value Example Description Filter parameters Num Keyword Protocol Appendix C Protocol Numbers Mobile L2TP Limitations on Warranty and Liability By Net Optics, Inc. All Rights Reserved