HP-UX Reference (11i v1 00/12) - 4 File Formats (vol 8)
ppp.Filter(4) ppp.Filter(4)
In the ‘log’ filter specification, the special keyword ‘trace’ causes the contents (as well as headers) of the
indicated type of packet to be written to the log file. Also in the ‘log’ filter specification, the special flag
‘rejected’ signifies that the packet is to be logged only if it was rejected by the ‘pass’ filter.
Since TCP data streams are opened when the initiator sends a SYN packet to the intended recipient, pppd
can distinguish between outbound (sent from this host) and inbound (coming from the other end of the link)
uses of TCP applications such as telnet or FTP. The special keyword ‘syn’ allows filtering or logging these
connection starters. Qualifying it with ‘recv’ or ‘send’ allows sessions to be started or logged only if they are
initiated in the indicated direction. The special keyword ‘fin’ allows filtering or logging the packets that
close TCP connections.
The ‘src’ and ‘dst’ keywords serve to distinguish ports, addresses or hostnames, as applying to the source or
destination, respectively, of the packet. If both are applied to the same stanza (e.g. .../src/dst), then
both the source and destination address and/or port must match.
The unreach= keyword causes an ICMP Destination Unreachable message (RFC 792 and RFC 1122
section 3.2.2.1) to be sent to the packet’s source address, bearing the indicated code field, which may be chosen
from
    net              The destination network is unreachable.
    host             The destination host is unreachable.
    prot             The designated transport protocol is not supported.
    protocol         The designated transport protocol is not supported.
    port             The designated transport protocol (e.g., UDP) is unable to demultiplex the datagram
                     but has no protocol mechanism to inform the sender.
    needfrag         Fragmentation is needed and the Don’t Fragment flag is set.
    srcfail          Source route failed.
    net-unknown      The destination network is unknown.
    host-unknown     The destination host is unknown.
    host-isolated    The source host is isolated.
    net-prohibited   Communication with the destination network is administratively prohibited.
    host-prohibited  Communication with the destination host is administratively prohibited.
    net-tos          The destination network is unreachable for the designated type of service.
    host-tos         The destination host is unreachable for the designated type of service.
The ip-opt= keyword can be used to select packets based on whether they bear various IP options (RFC
1122 section 3.2.1.8 and RFC 791 section 3.1 (pps 16ff)), selected from
    rr               Record Route is used to trace the route an internet datagram takes.
    ts               Time Stamp.
    security         Security is used to carry Security, Compartmentation, User Group (TCC), and
                     Handling Restriction Codes compatible with DOD requirements.
    lsrr             Loose Source Routing is used to route the internet datagram based on information
                     supplied by the source.
    ssrr             Strict Source Routing is used to route the internet datagram based on information
                     supplied by the source.
    srcrt            Either Loose Source Routing or Strict Source Routing.
    any              Any IP option - could even match the No Operation option.
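The following is an added illustration, not part of the HP-UX manual page or of pppd: a Python sketch that walks the option area of an IPv4 header (option type octets from RFC 791 section 3.1) and reports which ip-opt= keywords the packet would match. The function names, the sample addresses and the treatment of ‘any’ as matching every option except End of Option List are assumptions.

```python
import struct

# IPv4 option type octets from RFC 791 section 3.1, keyed to this page's keywords.
OPTION_KEYWORDS = {7: "rr", 68: "ts", 130: "security", 131: "lsrr", 137: "ssrr"}
EOL, NOP = 0, 1

def ip_opt_keywords(packet: bytes) -> set:
    """Return the ip-opt= keywords matched by the options of one IPv4 header."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    header_len = (packet[0] & 0x0F) * 4        # IHL counts 32-bit words
    if header_len < 20 or header_len > len(packet):
        raise ValueError("bad header length")
    options, matched, i = packet[20:header_len], set(), 0
    while i < len(options):
        kind = options[i]
        if kind == EOL:                        # End of Option List: rest is padding
            break
        matched.add("any")                     # assumption: 'any' covers all but EOL
        if kind == NOP:                        # single octet, no length field
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("option truncated before its length octet")
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            raise ValueError("option length out of range")
        name = OPTION_KEYWORDS.get(kind)
        if name:
            matched.add(name)
            if name in ("lsrr", "ssrr"):
                matched.add("srcrt")           # either kind of source routing
        i += length
    return matched

def build_header(options: bytes = b"") -> bytes:
    """Constructed sample input: an IPv4 header (checksum left at zero) with options."""
    options += b"\x00" * (-len(options) % 4)   # pad to a 32-bit boundary with EOL
    first = (4 << 4) | (5 + len(options) // 4)
    return struct.pack("!BBHHHBBH4s4s", first, 0, 20 + len(options), 0, 0, 64, 6, 0,
                       bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2])) + options

if __name__ == "__main__":
    lsrr = bytes([131, 7, 4, 203, 0, 113, 9])  # constructed LSRR option, one hop
    print(sorted(ip_opt_keywords(build_header(lsrr))))
    print(sorted(ip_opt_keywords(build_header(b"\x01"))))
```

A header whose option length octet runs past the header raises ValueError rather than being classified.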
EXAMPLES
Default Behavior
The following Filter file describes the default behavior of pppd, either in the absence of a filter
specification file or in the case of an empty file:
# Filter - PPP configuration file,
# binding packet types to actions.
Section 4−−218 − 2 − HP-UX Release 11i: December 2000