Filter
Top Products
29
*** Condential - DO NOT Distribute ***
Director
ip_dst IP destination address•
ip_dst_mask IP source address mask•
ip_proto IP protocol•
l4_src_port Layer 4 source port•
l4_dst_port Layer 4 destination port•
vlan VLAN number•
Create Complex Filters
Multiple lter parameters can be specied in a single lteraddcommand. Packets must satisfy all of the lter
parameters to be selected; in other words, the lter parameters have a logical AND connection.
ToselectallTCPtrafcarrivingfromIPaddress192.186.10.0:
Enter 1. lteraddin_ports=n1.5ip_src=192.186.10.0ip_proto=6action=redirredir_ports=m.1. A lter has been
dened to select all IPv4 TCP packets from Network Port 5 with a source IP address of 192.186.10.0; packets
matching the lter are copied to Monitor Port 1.
Enter 2. ltercommit. The lter is activated.
Monitor Port 1Network Port 5
Source IP =
192.186.10.0
Network Port 5
Protocol =
TCP
lter add in_ports=n1.5 ip_src=192.186.10.0 ip_proto=6 action=redir redir_ports=m.1
Logical AND lter connectionFigure 28:
A logical OR connection can be made between lters by specifying multiple lters with the same Network and Monitor
port lists.
To select all packets which are either TCP or UDP protocol:
Enter 1. lteraddin_ports=n1.5ip_proto=6action=redirredir_ports=m.1. A lter has been dened to select all IPv4
TCP packets from Network Port 5 and copy them to Monitor Port 1.
Enter 2. lteraddin_ports=n1.5ip_proto=17action=redirredir_ports=m.1. Another lter has been dened to
select all IPv4 UDP packets from Network Port 5 and copy them to Monitor Port 1.
Enter 3. ltercommit. The lters are activated.