Re: code attached

[Rob Duncan <roduncan@nortelnetworks.com>]

(Apologies if anyone gets the same information via another message.)

I think there are some serious problems with the version of JFwd that
most people are using right now.  I'm pretty much coming to the end of
a reimplementation/test phase for the JFwd Ip filtering stuff.  I
think I can release a new version of it next week, assuming that our
office move doesn't completely shut me down through next week.

R.

Muneyb Minhazuddin <Muneyb.Minhazuddin@tip.csiro.au> writes:

> [1  <text/plain; US-ASCII (7bit)>]
> 
> Hi Rob,
> 
> My Testbed looks like this
> 
> 192.168.34.23					192.168.35.18
>    Source                 Accelar                Destination
>   --------               ---------               -----------
>   |      |               |       |               |         |
>   |      |               |       |               |         |
>   |      |-------------->|       |-------------->|         |
>   |      |         ----->|       |               |         |
>   --------         |     ---------               -----------
>   ORE 0.3.3        |     JVM/ORE                 ORE 0.3.3
>                    |
>                    V
>               ---------
>               |       |  
>               |       |  
>               |       |  
>               ---------
>               HTTP Server also running ORE 0.3.3
> 
> My TestImpl.java code is attached. I have attempted to create a filter
> between 192.168.34.23 and 192.168.35.18 with the intention to drop all the
> traffic between them using the IpFilterMapping.BIT_BUCKET option.
> 
> The oplet gets loaded as part of the startup oplets succesfully on the
> accelar . I expect that the matching frames will not to be forwarded,
> however when I start traffic generators in either directions they
> succesfully get through with full throughput. 
> 
> I can't see the filter from the GUI or CLI or that any of the
> corresponding MIBs being set.
> 
> Where have I gone wrong?
> 
> 
> BTW Bret,
> 
> I have never tried mirroring but have been sucessful at exploiting the
> Diffserv rules feature in the IP Filters for our work here. 
> 
> For example to set a filter between the above machines such that only the
> traffic between 192.168.34.23 port 5001 and 192.168.35.18 is forwarded I
> do the following
> 
>  Working from the GUI - device manager 
> 
> * First insert a Source Filter named Test with Mode - Forward 
> * Insert a Source Filter set named test_set and select my Test filter as
> part of the set.
> * Select the port on the accelar in the Filtered Ports Tab and select the 
> test_set to be applied to the port. Enable it and select the DefaultAction
> as drop.
> 
> If you want to add more filters or modify them, first disable the Filtered
> port then do any changes.
> 
> Remember to click Apply, refresh after every step.
> 
> There is a useful Actions table on the page 6-4, IP Filtering section of
> "Networking Concepts for the Accelar 1000 Series Routing Switch".
> 
> Cheers
> Muneyb
> _________________________________________________________
> Muneyb Minhazuddin - Telecommunications Research Engineer    
> CSIRO Telecommunication and Industrial Physics                
> Marsfield, NSW, Australia.                                    
>                                                              
> Phone no. : 61 2 9372 4113
> FAX       : 61 2 9372 4490          
> e-mail    : mminhazu@tip.csiro.au  
> Home Page : http://www-networks.tip.csiro.au/~mminhazu
> ---------------------------------------------------------