The following figure identifies the fields in a packet that a System Defense filter can evaluate.
An Ethernet packet can contain:
• A non IP Packet
• An IP Packet, which can contain:
• A TCP Packet
• A UDP Packet
• A Non TCP/UDP packet
The following table describes the packet header fields you can define using for either transmit or receive packet streams.
Header Type |
Description |
Ethernet |
• Frame Type (2 bytes) |
IPv4 |
• Source Address (4 bytes): Use a mask to perform wild card IP address matches • Destination Address (4 bytes): Use a mask to perform wild card IP address matches • Protocol Type (1 byte): See IANA protocol numbers |
IPv6 |
• Source Address (16 bytes): Use a mask to perform wild card IP address matches • Destination Address (16 bytes): Use a mask to perform wild card IP address matches • Protocol Type (1 byte): See IANA protocol numbers. |
TCP |
• Source Port (2 bytes): Supports a range of port values. • Destination Port (2 bytes): Supports a range of port values. • TCP flags: (6 bits in the 14th byte) most valuable with a rate limit filter – the SYN bit is the fifth bit |
UDP |
• Source Port (2 bytes): Supports a range of port values • Destination Port (2 bytes): Supports a range of port values |
See Also: |
Copyright © 2006-2022, Intel Corporation. All rights reserved. |