User guide

ManualsBrandsMultitech ManualsPrint & ScanMT5634HD16

271

272

273

274

275

276

277

278

279

280

RASExpress User Guide

262 CommPlete Communications Server

Appendix D Creating Filter Templates

Introduction

A filter template (also simply called a filter) can be used to selectively forward or

filter inbound and/or outbound packets. It can be associated with either a user or a

port; however, a filter associated with a user overrides a filter associated with a port.

When a filter is associated with a user or port, all packets are compared with the filter

patterns in the filter; if there is a match, the specified action is taken. In the absence of a

user or port filter, all packets are forwarded.

Filter templates are stored in the FILTER.INI file on the RASExpress server. A filter

template is composed of ASCII text consisting of a filter name, a description, and a

pattern list. The filter name should uniquely identify the template. The description is

a text string that describes the purpose of the filter in plain language. The pattern list

consists of one or more patterns separated by semicolons. A colon is required at the

end of a template to separate it from the next template in the file.

You can use any text editor to write a filter template. You must then FTP the edited

FILTER.INI file to the RASExpress server.

Patterns

Patterns are applied in the order they are written. The first pattern decides the default

action. If the Action parameter of the first pattern is filter, then packets that match the

pattern are filtered and packets that do not match the pattern are forwarded. If the

Action parameter of the first pattern is forward, then packets that match the pattern

are forwarded and packets that do not match the pattern are filtered. If the Usage

parameter is set to none, the filter is not used. If it is set to input, the filter is applied

only to the input stream. If it is set to output, the filter is applied only to the output

stream. If it is set to input_output, the filter is applied to both the input and the

output streams.

There are three types of patterns: Generic, IP, and IPX, each of which has a different

definition. Each consists of a list of required parameters separated by commas, which

together define the match that is is being looked for and the type of packet in which

the match is being sought.

Generic Pattern: The Generic pattern applies the Mask parameter at the Offset para-

meter for Length parameter bytes to the raw data packet from the address header,

and checks to see if it matches the Result parameter. If it matches, it is successful, else

it is not successful. The Generic pattern is used only on bridging ports.

IP Pattern: The IP pattern applies the SrcAddrMask parameter to the source address

and the DstAddrMask parameter to the destination address, and compares them with

the SrcAddrResult and DstAddrResult parameters respectively. An equality check

with the Protocol, SrcPort, and DstPort parameters is also done. If any of these fields

is set to zero, it is not included in the check.