Filter
Top Products
12-12 CHAPTER 12: CREATING AND USING PACKET FILTERS
Packet Filter Solution
The solution described here is to create a highly sophisticated packet filter
that prevents only the broadcast packets from the market data servers from
being forwarded onto the segments that are not part of an active trading
floor.
Before writing the packet filter, it is important to understand the functions
that the filter must provide. The broadcast packets that are transmitted by
the servers are based on either TCP/IP or XNS protocol. In both cases, the
broadcast packets have socket values that are greater than 0x076c and less
than 0x0898. The socket value is located 24 bytes into the packet in IP data-
grams and 30 bytes into the packet in XNS datagrams.
You can use this information to create pseudocode that simplifies the
process of writing the actual filter. It helps to write the pseudocode in
outline form, as shown here:
1 Determine if the packet has a broadcast address. (Use the packet filter path
assignment.)
2 Determine if the packet is an XNS datagram.
3 Check socket values and discard the packet if:
a The socket value is greater than or equal to 0x76c
AND
b The socket value is less than 0x898
4 Determine if the packet is an IP datagram.
5 Check socket values and discard the packet if:
a The socket value is greater than or equal to 0x76c
AND
b The socket value is less than 0x898
6 End the filter.