Using Port Groups In Custom Packet Filters; Port Group Packet Filter Example; Port Group Filter Operation - 3Com corebuilder 3500 Implementation Manual
Hide thumbs
Also See for corebuilder 3500:
- Command reference manual (784 pages) ,
- Getting started manual (96 pages) ,
- Manual (92 pages)
Table of Contents
Advertisement
242
C
10: P
HAPTER
ACKET
Using Port Groups
in Custom Packet
Filters
Port Group Packet
Filter Example
Port Group Filter
Operation
F
ILTERING
You can use a port group (a list of system ports) as filtering criteria in a
packet filter.
A packet filter uses the group to make filtering decisions by accessing the
group's source port group mask and destination port group mask. In the
mask, 32 bits indicate to which of 32 possible groups a port belongs. For
example, setting mask bit number 7 assigns the port to group number 7.
You reference these group masks using the opcodes SPGM (source port
group mask), and DPGM (destination port group mask). What follows is
an example of using port groups in packet filters.
In this example, packets are not forwarded to ports in groups 3 and 8.
Name
"Discard Groups 3 and 8"
pushSPGM
pushLiteral.l
and
pushLiteral.l
eq
When an address is learned on a port, the address and the port number
the packet was received on are inserted into the bridge address table and
a bit mask that is associated with the address that denotes the group
membership is inserted into the port group mask table.
The bridge address table stores each SA/DA MAC address with the port
number. The port group masks are stored in a smaller table associating
port numbers to port group masks.
For example, assume you defined port group 1 with port 3 being a
member and port group 2 with port 5 being a member.
# Get source port group mask.
0x0084
# Select bits 3 and 8.
# If port group bits 3 & 8 are common
# with SPGM, then non-zero value is
# pushed onto stack.
0
# Push zero.
# Only if SPGM is not in port groups
# corresponding to bits 3 & 8, then
# packet is forwarded.
Advertisement
Table of Contents
