Table of Contents
Advertisement
Programmable Filtering
Pattern Filter Operators
The following operators are used in creating Pattern filters and will be discussed further in the following pages. For additional
information refer to the octet locations diagrams at the back of this manual. Each octet location may contain a HEX value.
-
offset
Used in pattern filters to determine the starting position to start the pattern checking.
Example:
|
OR
Used in combination filters when one or the other conditions must be met.
Example:
&
AND
Used in combination filters when one and the other conditions must be met.
Example:
~
NOT
Used in pattern filters to indicate that all packets not matching the defined pattern will be filtered.
Example:
( )
brackets
Used in pattern filters to separate portions of filter patterns for specific operators.
Example:
Bridge Pattern Filtering
Protocol Discrimination
Protocol discrimination may be required to prevent or limit the protocols that may traverse a bridged Local Area Network.
In Local Area Networks there may be many different Network and Transport layer protocols that coexist on the same
physical media. TCP/IP, DECNET, and XNS are just a few of the common protocols in use today. Each of these protocols
is encapsulated within an Ethernet frame, and therefore is transparent to the normal bridging function. If you would like to
discriminate against a particular protocol to prevent its use of the bridged LAN facilities, the router provides programmable
filter masks that may be defined to act on any part of the Ethernet frame.
In the examples below, several protocol types and combinations are presented to demonstrate the use of programmable filter
masks to control the protocol traffic between Local Area Network segments. Since there are many possible combinations,
these examples are only representative of some of them.
12-80
This filter pattern will match if the packet information starting at
the 12
10-20|12-80
This filter pattern will match if the packet information starting at
the 10
information starting at the 12
pattern.
10-20&12-80
This filter pattern will match if the packet information starting at
the 10
information starting at the 12
pattern.
~12-80
This filter pattern will match if the packet information starting at
the 12
12-80&(14-24|14-32)
This filter pattern will be checked in two operations. First the
section in brackets will be checked and then the results of the first
check will be used in the second check using the first portion of
the filter patter. If the packet information starting at the 14
equals 24 or 32, and the information at the 12
filter pattern will match.
octet equals the 80 of the filter pattern.
th
octet equals the 20 of the filter pattern or if the packet
th
octet equals the 20 of the filter pattern and the packet
th
octet does not equal the 80 of the filter pattern.
th
70
octet equals the 80 of the filter
th
octet equals the 80 of the filter
th
octet equals 80, the
th
octet
th
Advertisement
Table of Contents
