Filter
Top Products
Director
35
Note: __________________________________________________________________________________________________
Instead of lteradd, you can use a lterins command to dene lters. The only difference is that lterins
allows you to specify the lter's ID, which is its position in the pending lter list. (Use lterlist so see the IDs
of all pending lters.) When you use a lterins command, the rst argument must be id=<id> where <id> is a
decimal number in the range 1 to 999. For example: lterinsid=2in_ports=n1.1out_ports=m.1denes a lter
that sends all the trafc from Network Port 1 to Monitor Port 1 and places this lter in the second location in the
pending lter list.
________________________________________________________________________________________________________
Tip! ___________________________________________________________________________________________________
The lterdel command can be used to delete a lter from the pending lter list. The syntax is a lterdelid=<id>
where <id> is a decimal number in the range 1 to 999 corresponding to the position in the pending lter list. Use
the lterlist command so see the IDs of all pending lters.
________________________________________________________________________________________________________
Exclusive lters
Filters can be specied using action=drop in order to create exclusive lters. (An exclusive lter excludes packets rather
an including them.) For example, suppose you would like to monitor all trafc on a link except for the UDP trafc. To
specify this lter, use the following commands. Note that the drop lter must come rst so it is earlier in the CAM.
lteraddin_ports=n1.1ip_proto=17action=drop
lteraddin_ports=n1.1action=redirredir_ports=m.1
ltercommit
Monitor Port 1
All
Network Port 1
(drop)
match
no match
Protocol =
UDP
lter add in_ports=n1.1 ip_proto=17 action=drop
lter add in_ports=n1.1 action=redir redir_ports=m.1
CAM
Address Filter
1 n1.1 ip_proto=UDP action=drop
2 n1.1 m.1
Creating an exclusive lterFigure 38:
Tip! ___________________________________________________________________________________________________
If you only dene switch connections, with no ltering, the CAM is not involved and the switches do not interact.
________________________________________________________________________________________________________
Tip! ___________________________________________________________________________________________________
Filters that use exclusive sets of Network ports (each Network port is included in only a single lter) do not interact.
For example,
lteraddin_ports=n1.1-n1.5<lter_parameter_list> <monitor_port_list>
does not interact with
lteraddin_ports=n1.6-n1.10<lter_parameter_list> <monitor_port_list>
________________________________________________________________________________________________________