Filter
Top Products
Director
49
Filter parameters
Switches and lters are dened using the lteraddandlterinscommands. The lteradd command syntax is:
lter ipv6=y add in_ports=<portlist> <lter_parameter_list> action=<redir|drop> redir_ports=<portlist>
The <lter_parameter_list> is a sequence of zero or more of the lter qualiers as listed in the following table.
If the <lter_parameter_list> is empty, the lteradd command species an aggregation of the trafc received on all of
the in_ports. If the action=redir, the aggregated trafc stream is regenerated to all of the redir_ports.
If the <lter_parameter_list> contains lters, aggregation and regeneration take place as described in the previous
paragraph. However, the lters are applied to the aggregated trafc stream before it is copied to the monitor ports. If
multiple lter qualiers are specied, a packet must satisfy all of the lter qualiers in order to be copied to the monitor
ports. In other words, the lter qualiers are combined with a logical AND condition. A logical OR condition can be
created by using multiple lteraddcommands with identical port lists.
The lteraddandlterinscommands dene lters but do not activate them. A subsequent ltercommit or commit
command must be executed to activate the lters. This mechanism enables an interrelated group of lters to be activated
simultaneously. It also allows you to double-check your lter denitions before you activate them. The commit command
also rewrites the default Director conguration (the defaultcfg le), while lter commit does not.
Note that IPv6 and IPv4 lters are maintained separately. It is important to include the "ipv6=y" argument when dealing
with IPv6 lters, and omit it when dealing with IPv4 lters.
It is also important to note that packets are ltered using a Content Addressable Memory or CAM. Each lter is a CAM
entry, and the CAM is lled in the order that the lteraddcommands are entered. Filter ins commands create lters
in specic locations in the CAM. When a packet is processed, the rst lter in the CAM that matches the packet is the
only lter that is activated. Each packet can activate exactly zero or one lters. See Understandlterinteractions
near the end of Chapter 3 for examples.
All supported lter qualiers are shown in the table on the following page.