14 Chapter 2: Configuring the Application Control Forwarding Protocol (ACFP)
ACFP collaboration rules
ACFP collaboration rules refer to the rules that the ACFP client sends to
the ACFP server for an application. There are two types of collaboration
rules:
Monitoring rules, which monitor, analyze, and process the packets to
■
be sent to the ACFP client. The action types corresponding to
monitoring rules are redirect, mirror and rate.
Filtering rules, which determine the packets to deny and permit. The
■
action types corresponding to filtering rules are deny and permit.
Rule information includes:
ClientID: ACFP client identifier
■
Policy index
■
Rule index: rule identifier
■
Status: Indicates whether the rule is applied successfully
■
Action: Either mirror, redirect, deny, permit, or rate
■
Match all packets: Indicates whether to match all the packets. If this is
■
set to yes, the following matching does not need to be performed.
Source MAC address
■
Destination MAC address
■
Starting VLAN ID
■
Ending VLAN ID
■
Protocol number in IP packet
■
Source IP address
■
Inverse mask of source IP address
■
Source port operator: Either equal to, not equal to, greater than,
■
less than, greater than and less than. The following ending source
port number takes effect only when the type is greater than and
less than. The source port number of the packets matched by the
identifier must be greater than the starting source port number and
less than the ending source port number.
Starting source port number
■
Ending source port number
■
Destination IP address
■