Device Online Help # Go back one pageGo to the next page#Go to this book's Index

Configuring the flow classifier

To configure the flow classifier:

  1. From the Device Manager menu bar, choose IP Routing > Filter.
  2. The ACL dialog box opens with the Template Mode tab displayed.
  3. Click the Flow Classifier tab.
  4. The Flow Classifier tab opens.

The table that follows describes the Flow Classifier dialog box fields.


Field Description
TemplateID
Specifies the template ID index.
CurrentMode
Specifies the operating mode of the template. Possible values here include:
  • security- when a template operates in security mode, it acts like a source IP filter. Packets that match a rule are considered dangerous dangerous to network security and are unconditionally dropped.
  • qos- when a template operates in qos mode, packets that match require some levels of bandwidth guarantee.
  • l4-switch- when a template operates in l2_switch mode, you must further define the combination fields of the packet header (IP and L4 header) to be examined.
QosFlavor
Defines what characteristics an incoming packet must meet. You must define one or more parameters. Possible flavors here include:
  • 8021p
  • dscp
  • ip
  • tcp
  • udp
  • un-used
Note: TheQos Flavor only applies when the CurrentMode equals qos. For templates where the CurrentMode is not qos, you must define the QosFlavor as un-used.
L4SwitchTCPDstlp
Indicates whether the destination IP address in the configured L4 TCP-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchTCPSrclp
Indicates whether the source IP address in the configured L4 TCP-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchTCPTos
Indicates whether the type of service in the configured L4 TCP-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchTCPDstPort
Indicates whether the destination TCP port number in the configured L4 TCP-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchTCPSrcPort
Indicates whether the source TCP port number in the configured L4 TCP-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchTCPFlags
Indicates whether the TCP flags in the configured L4 TCP-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchUDPDstlp
Indicates whether the destination IP address in the configured L4 UDP-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchUDPSrclp
Indicates whether the source IP address in the configured L4 UDP-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchUDPTos
Indicates whether the type of service in the configured L4 UDP-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchUDPDstPort
Indicates whether the destination UDP port number in the configured L4 UDP-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchUDPSrcPort
Indicates whether the source UDP port number in the configured L4 UDP-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchOtherDstlp
Indicates whether the destination IP address in the configured L4 OTHER-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
if you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchOtherSrclp
Indicates whether the source IP address in the configured L4 OTHER-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
if you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchOtherTos
Indicates whether the type of service in the configured L4 OTHER-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchOtherL4Protocol
Indicates whether the L4 protocol in the configured L4 OTHER-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchOtherICMPMessage
Indicates whether the ICMP message in the configured L4 OTHER-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
L4SwitchOtherIGMPType
Indicates whether the IGMP type in the configured L4 OTHER-session rule entries must be checked or not. Possible values here include:
  • true
  • false
  • un-used
If you do not define the CurrentMode as l4-switch, you must define it as un-used.
ActiveRuleNumber
Specifies the number of active rules.

  1. Double-click any of the active fields if you wish to change the attributes.
  2. A list of available menu options then appear (true/false etc).
  3. Select the new attribute and then click Apply.
  4. Note that when you change the flow classifier attribute, a warning message appears indicating that should you proceed, the template rules will be deleted and you will have to re-configure those rules based on the current flow classifier.

Go back one pageGo to the next page##Go to this book's Index