Creating Packet Filters
12-11
4
Apply a logic operation to the values in steps 2 and 3. The operator you use
depends on what comparison you want to make.
Variations on these four basic steps of writing packet filters include:
■
Use
pushTop
for each additional comparison you intend to make with the
pushField value. This opcode makes a duplicate of the pushField value and
places it on top of the original pushField on the stack. The pushtop
instruction makes a copy of the field more efficiently than if you use a
second pushfield instruction.
■
Use
accept
or
reject
with
and
and
or
operators when you have
sequential tests and you would like the filter to accept or reject a packet
before the entire expression has been evaluated. Using
accept
and
reject
can significantly improve the performance of certain types of filters.
See the section “Implementing Sequential Tests in a Packet Filter” on
page 12-8 for more information.
■
Use
pushSAGM
,
pushDAGM
,
pushSPGM
, or
pushDPGM
for filtering by
address or port groups. See Chapter 13 for more information.
Examples of
Creating Filters
The following example shows a complex packet filter built from three
simple packet filters. Each of the shorter, simpler packet filters can be used
on its own to accomplish its own task. Combined, these filters create a
solution for a larger filtering problem.
Filtering Problem
Your network contains market data feed servers that receive time-critical
financial data needed for trading floor applications. At the center of the
trading floor networks is a Switch 2200 system that is being used to switch
Ethernet traffic and to concentrate the market data feed servers onto the
FDDI departmental backbone.
The difficulty is that the market data feed servers transmit data to users
with broadcast packets that are forwarded to all stations on all segments
attached to the Switch 2200 system. Not all of the segments attached to the
Switch 2200 system have stations that require these broadcast updates. In
order to optimize the performance of these Ethernet segments, you need to
filter the broadcasts.
Summary of Contents for SUPERSTACK 2200
Page 41: ......
Page 75: ......
Page 173: ...13 12 CHAPTER 13 CONFIGURING ADDRESS AND PORT GROUPS TO USE IN PACKET FILTERS ...