Or you can specify an optional
entry <CLFrulename>
if
{ <match-conditions>;
}
then {
<actions>;
} else {
<actions>;
}
}
In the CLEARFlow rule syntax, the <CLFrulename> is the name of the rule (maximum of 31 characters).
The <match-conditions> specifies the condition that will trigger the rule, and how often to evaluate the
rule. The <actions> in the
optional
clause <actions> is the list of actions to take after the rule is triggered, and when the
else
<match-conditions> later become false.
NOTE
When you create an ACL policy file that contains CLEARFlow rules, the CLEARFlow rules do not have any
precedence, unlike the ACL entries. Each CLEARFlow rule specifies how often it should be evaluated. The order of
evaluation depends on the sampling time and when the CLEARFlow agent receives the counter statistics. The order
of the CLEARFlow rules in the policy file does not have any significance.
The rule types and rule actions are discussed in these sections:
CLEARFlow Rule Types on page 255
●
CLEARFlow Rule Actions on page 259
●
CLEARFlow Rule Types
There are four CLEARFlow rule types: count, delta, ratio, and delta-ratio. All of these rule types check
the values of counters to evaluate if an action should be taken. The counters are defined in the ACL
entries that are defined on the switch. When you use a counter statement in an ACL, you are defining
the counter used by CLEARFlow to monitor your system.
The following sections discuss the rule types in detail:
Count Rule Type on page 256
●
Delta Rule Type on page 256
●
Ratio Rule Type on page 257
●
Delta-Ratio Rule Type on page 258
●
ExtremeWare XOS 11.1 Concepts Guide
clause:
else
{
clause is the list of actions to take when the rule is triggered, and the
then
Adding CLEARFlow Rules to ACLs
255