Force10 Networks 100-00055-01 Network Card User Manual


 
18 Introduction
Figure 3 illustrates how all matched packets are copied and transmitted by mirror ports.
Figure 3: Logic Diagram of Traffic Flow in the P10 DPI
[Diagram not reproduced. Labeled blocks: Forwarding Engine, Detection Engine, PCI-X Module, State Table. Ports: Rx0, Tx0, Rx1, Tx1, Mirror 0, Mirror 1. Labeled flows: Packet Data, Device Access, Config Commands, Match Result.]
Types of Rules
Two types of rules can be uploaded to the FPGA:
Static rules: Static rules are compiled to become part of the firmware and are mapped directly into logic gates. Static rules can be set to capture/not capture and block/not block individually, but they cannot be changed once they have been loaded into the FPGA.
Dynamic rules: Dynamic rules are programmed at runtime in the DPI hardware registers and can be configured without changing the firmware. These rules (like static rules) can be disabled/enabled individually.
Sample Rules and Firmware
The P10 includes sample rules files in the pnic-compiler/rules directory. You can browse these files to become more familiar with Snort syntax or with creating rules files; you can also generate firmware from these files at your discretion.
Note: Mirroring is automatically enabled when the mirroring port is connected to another network device.
Mirroring is not controlled through the CLI.