Deﬁning a ﬁlter | Patton electronic Model 2604 specification

8 • Filter IP	T1/E1 DACS Administrators’ Reference Guide

Introduction

The DACS software provides an IP ﬁltering system that enables you to set up security for the internal manage- ment system.

Each ﬁlter is a deﬁned list of parameters based upon attributes in the IP, TCP, and UDP headers. There are two major steps to ﬁlter creation: ﬁrst deﬁning the ﬁlter, then applying it to a user connection. The same ﬁlter can be shared by several users.

The DACS enables 20 separate ﬁlters to be deﬁned, of which up to 10 can be used during a single user connec- tion. Since the IP connections in the 2604 are only for the superuser and the monitor user, these will be the only two users. The application of the ﬁlters is done on the Filter IP main web page.

Click on Filter IP under the Conﬁguration Menu to display the FIlter IP main window (see ﬁgure 17).

Figure 17. Filter IP main window

Deﬁning a ﬁlter

This section gives a brief summary on deﬁning a ﬁlter. For a complete discussion with ﬁlter examples, see the ﬁnal section.

To deﬁne a new ﬁlter, select an ID number and a name, then click on the Submit Query button to submit the request. The ID number and name must not already exist in the IP FILTER list, and the number must be an integer between 1 and 20. To delete a ﬁlter, enter just the ID number without a name and click on the Submit Query button.

Note Block ﬁlters take priority, therefore any applied and matching block ﬁlters will drop the packet. Next, pass ﬁlters are examined, if PASS ﬁl- ters have been deﬁned, then at least one of them must match or else the packet will be dropped. After the block and pass ﬁlters are exam- ined, the WRAP ﬁlter, if it exists, will be applied.

50	Introduction

Image 52

Patton electronic Model 2604 manual Deﬁning a ﬁlter, Filter IP main window

Contents

T1/E1 Digital Access and Cross-Connect System Dacs Patton Electronics Company, Inc Contents DS0 Mapping Icmp Contents 11 TCP RIP Version System System Log 107 17 T1/E1 Link 115 Contents 18 T1/E1 Assignment 137 License 143 Audience Structure Typographical conventions used in this document General conventions Mouse conventions About this guide T1/E1 Dacs Administrators’ Reference Guide Chapter contents Introduction Introduction Logging into the HTTP/HTML Administration PagesHTTP/HTML and Snmp Object Format Saving HTTP/HTML Object Changes Click on the Record Current Conﬁguration button Saving HTTP/HTML Object Changes Home Home Operating Status Variables Immediate Actions Hard Reset hardReset2 Set Factory Default Conﬁguration forceDefaultConﬁg3 Import/Export Export Conﬁguration Import/Export main window Typical Dacs ﬂash memory conﬁguration data Import Conﬁguration Saving the Dacs ﬂash memory conﬁguration data as a text ﬁle Alarms Displaying the alarms window Alarms main window Sample alarm indication Alarm Response Outputs Alarms Alarm Time Alarm CountGenerate Alarm Clear Alarm Modify Response-Conﬁguring the alarm response system Modify Alarms-Conﬁguring alarm severity levels Temperature Threshold Modify Alarms-Configuring alarm severity levels DS0 Mapping Displaying the DS0 Mapping window Dacs Display Type Help Dacs help information Static ConnectionDevice Type Device Number Device Slots Conﬁguration Clocking Conﬁguring the System Clock Settings Main Reference daxClockMainRef Fallback Reference daxClockFallbackRef Clock Status daxClockFailure Configuring the System Clock Settings Ethernet Alignment Errors dot3StatsAlignmentErrors FCS Errors dot3StatsFCSErrorsEthernet statistics Single Collision Frames dot3StatsSingleCollision Frames SQE Test Errors dot3StatsSQETestErrors Other Errors dot3StatsInternalMacTransmitErrorsCarrier Sense Errors dot3StatsCarrierSenseErrors Multiple Collision Frames dot3StatsMultipleCollisionFrames Other Received Errors dot3StatsInternalMacReceiveErrors Chip Set ID dot3StatsEtherChipSet Filter IP Deﬁning a ﬁlter Filter IP main window Filter IP parameters window Name ﬁlterIpName Direction ﬁlterIpDirectionAction ﬁlterIpAction Source IP ﬁlterIpSourceIp Destination Mask ﬁlterIpDestinationMask Source Port FilterIpSourcePortAction ﬁlterIpSourcePortCmp Destination Port ﬁlterIpDestinationPort Filter IP T1/E1 Dacs Administrators’ Reference Guide Icmp Icmp Receive/Send Messages window Block Icmp redirects boxBLockIcmpRedirectsTotal Received icmpInMsgs Errors icmpInErrors, icmpOutErrors Wo/Errors icmpOutErrorsParameter Problems icmpInParmProbs, icmpOutParmProbs Source Quenchs icmpInSrcQuenchs, icmpOutSrcQuenchs Redirects icmpInRedirects, icmpOutRedirects Echos icmpInEchos, icmpOutEchosEcho Replys icmpInReps, icmpOutReps Time Stamps icmpInTimestamps, icmpInTimestamps Chapter contents 10 IP IP main window IP main window Default Time-To-Live ipDefaultTTL Discarded for Header Errors ipInHdrErrorsDiscarded for Address Errors ipInAddrErrors Discarded w/No Errors ipInDiscards Reassembly Timeout ipReasmTimeout Reassembly Failures ipReasmFailsTotal Deliveries ipInDelivers Out Requests ipOutRequests Modify # Fragmented OK ipFragOKs# Fragmented Failed ipFragFails # Fragments Created ipFragCreates Addressing Information IP addressing Information Details Routing Information Destination ipRouteDest Mask ipRouteMask Gateway RouteGatewayCost RouteCost Interface ipRouteIfIndex Next Hop ipRouteNextHop Forwarding table windowType ipRouteType Protocol ipRouteProto Info ipRouteInfo IP Routing Destination window Route Destination ipRouteDest Seconds Since Updated ipRouteAge Address Translation InformationTag RouteTag Interface ipNetToMediaEntry Physical ipNetToMediaPhysAddress Net Address ipNetToMediaNetAddressType ipNetToMediaType TCP Retransmit-Timeout Algorithm tcpRtoAlgorithm Retransmit-Timeout Minimum tcpRtoMinRetransmit-Timeout Maximum tcpRtoMax TCP main window Established Resets tcpEstabResets Total Received tcpInSegsTotal Received in Error tcpInErrs Maximum Connections tcpMaxConn TCP Details Local Port tcpConnLocalPortRemote Address tcpConnRemAddress Remote Port tcpConnRemPort TCP Details TCP T1/E1 Dacs Administrators’ Reference Guide UDP Handling of Netbios UDP Broadcasts boxNetbiosUdpBridging Others Received with No Delivery udpInErrorsReceived udpInDatagrams Received With No Ports udpNoPorts Local Address udpLocalAddress Listener Table udpTableLocal Port udpLocalPort UDP T1/E1 Dacs Administrators’ Reference Guide RIP Version RIP Version 2 main window Route Changes Made rip2GlobalRouteChangesResponses Sent rip2GlobalQueries Adding a RIP address RIP Version 2-Conﬁguration Address rip2IfConfAddress Authentication Type rip2IfConfAuthType Authentication Key rip2IfConfAuthKeyMetric rip2IfConfDefaultMetric Domain rip2IfConfDomain RIP Version 2 Statistics RIP Version 2 Statistics Snmp Packets snmpInPkts Snmp windowBad Version snmpInBadVersions ASN ParseErrors snmpInASNParseErrs Error Status Too Big snmpInTooBigsError Status Read Only snmpInReadOnlys Generated Errors snmpInGenErrs Out Get Responses snmpOutGetResponses Authentication Failure Traps snmpEnableAuthenTrapsTraps snmpOutTraps Snmp T1/E1 Dacs Administrators’ Reference Guide Out System System Introduction System main window Snmp and Http Manufacturer Message Blocks Installation Operating System Heap MemoryEnclosure System Other Running Since Last Boot sysUpTime Web Settings boxBackgroundFlagSystem Manager sysContact Box Name sysName System-Modify window System-Modify window Address boxIPAddress Method to Obtain Address boxIPAddressTechniqueMask boxIPMask France5 Germany6 System-Packet Holding Message Blocks System T1/E1 Dacs Administrators’ Reference Guide 106 System Log System Log Main Window System Log main window System Log-Modify DaemonsSysLog Daemon IP AddresssyslogDaemonIP Snmp Trap Daemon IP Address syslogTrapIP Min Priority for SysLog Daemon syslogDaemonPriority Min Priority for Console RS-232 syslogConsolePriorityMin Priority for Flash Storage syslogFlashPriority Min Priority for Snmp Trap Daemon syslogTrapPriority Min Priority for RAM SyslogTablePriority Unix Facility syslogUnixFacility Call Trace syslogCallTrace MaintenanceMaintain Flash Storage syslogFlashClear Time slTick System Log-Volatile MemoryMessage slMessage Time slfTick System Log-Non-Volatile MemoryMessage slfMessage T1/E1 Link 17 T1/E1 Link 117 17 T1/E1 Link T1/E1 Dacs Administrators’ Reference Guide T1/E1 Link Activity main window Link dsx1LineIndexType dsx1LineType Circuit ID dsx1CircuitIdentiﬁer Line Status dsx1LineStatus Far End Alarm FailureFailure States Alarm Indication Signal AIS Failure Loss Of Signal FailureTS16 Alarm Indication Signal Failure Loss Of Frame Failure Time Elapsed dsx1TimeElapsed Line Status-ConﬁgurationValid Intervals dsx1ValidIntervals Line Interface Settings WAN Circuit Conﬁguration-ModifyCircuit ID dsx1CircuitIdentiﬁer Line Type dsx1LineType Type dsx1LineType Yellow Alarm Format linkYellowFormat Line Coding dsx1LineCodingReceive Equalizer linkRxEqualizer Line Build Out linkLineBuildOut Test Settings Force Yellow Alarm linkYellowForceFDL dsx1FDL Loopback Conﬁg dsx1LoopbackConﬁg Yellow Alarm Severity Error Injection linkInjectErrorRed Alarm Severity Near End Line Statistics-Current Near End Line Statistics-History Severely Errored Frame Seconds dsx1IntervalSEFSs Line Errored Seconds dsx1IntervalLESsBursty ErroredSeconds dsx1IntervalBESs Unavailable Seconds dsx1IntervalUASs Near End Line Statistics-Totals Far End Line Statistics-Current Far End Line Statistics-History Errored Seconds dsx1FarEndIntervalESs Severely Errored Seconds dsx1FarEndIntervalSESsSeverely Errored Frame Seconds dsx1FarEndIntervalSEFSs Line Errored Seconds dsx1FarEndIntervalLESs Far End Line Statistics-Totals Bursty Errored Seconds dsx1FarEndTotalBESs Degraded Minutes dsx1FarEndTotalDMs 17 T1/E1 Link T1/E1 Dacs Administrators’ Reference Guide 136 T1/E1 Assignment Displaying the T1/E1 Assignment window WAN Assignment Table window Slot DevicePort # Slot # Displaying the T1/E1 Assignment window About Patton Electronics Company contact information About window License End User License Agreement Deﬁnitions Warranty TitleTerm Grant of License License T1/E1 Dacs Administrators’ Reference Guide 146