Cisco Cisco ASR 5700
ACS Rulebase Configuration Mode Commands
route priority ▀
Command Line Interface Reference, StarOS Release 17 ▄
757
Usage
Instances of this CLI command control which packets are routed to which protocol analyzers. Packets sent to
ACS are always passed through the IP protocol analyzer. This CLI command controls which higher layer
analyzers are also invoked.
ACS are always passed through the IP protocol analyzer. This CLI command controls which higher layer
analyzers are also invoked.
Analyzer
Common ways to route to the analyzer
dns
UDP destination port or source port is DNS (53).
file-
transfer
transfer
FTP and the command name is retr or stor; or, HTTP and the request method is get or post.
ftp
TCP destination port or source port is FTP control (21) or FTP data (20); or, ftp analyzer (for FTP control packets)
dynamically detected an FTP data flow over TCP (tcp dynamic-flow = ftp-data).
dynamically detected an FTP data flow over TCP (tcp dynamic-flow = ftp-data).
http
TCP destination port or source port is HTTP (80).
icmp
All IPv4 packets with IP protocol = ICMP (1) are automatically routed here.
imap
TCP destination port or source port is IMAP (143).
ip
All IPv4 packets are automatically routed here.
mms
WSP content type is application/vnd.wap.mms-message; or, WSP uri contains “mms”; or, HTTP content type is
application/vnd.wap.mms-message; or, HTTP uri contains “mms”.
application/vnd.wap.mms-message; or, HTTP uri contains “mms”.
p2p
Use the
p2p dynamic-flow-detection
CLI command to enable detection of the different P2P applications
specified by the
p2p application
CLI command; that will cause every TCP or UDP packet to be automatically
routed here
pop3
TCP destination port or source port is POP3 (110).
radius
UDP source or destination port 1812 to be used.
rtp
and
rtcp
RTSP has embedded RTP/RTCP payloads (you need to enable RTP dynamic flow detection to catch those flows);
or, RTSP or SDP (for SDP within SIP) creates an RTP/RTCP flow over UDP (in addition to enabling the
aforementioned dynamic flow detection, you must make sure that UDP packets are routed to the UDP analyzer) or,
RTP/RTCP uses predefined UDP port numbers (e.g. default UDP port numbers of 5004/5005).
or, RTSP or SDP (for SDP within SIP) creates an RTP/RTCP flow over UDP (in addition to enabling the
aforementioned dynamic flow detection, you must make sure that UDP packets are routed to the UDP analyzer) or,
RTP/RTCP uses predefined UDP port numbers (e.g. default UDP port numbers of 5004/5005).
rtsp
TCP destination port or source port is RTSP (554).
sdp
RTSP or SIP content type is application/sdp
secure-
http
http
TCP destination port or source port is HTTPS (443). Note that HTTP may use the CONNECT method (see RFC
2817), in which case, the subscriber will be upgraded with transport layer security, but the traffic to/from the
chassis will still be HTTP and be passed through the http rather than the secure-http analyzer (assuming that routing
to the http analyzer has been configured).
2817), in which case, the subscriber will be upgraded with transport layer security, but the traffic to/from the
chassis will still be HTTP and be passed through the http rather than the secure-http analyzer (assuming that routing
to the http analyzer has been configured).
sip
UDP destination port or source port is SIP (5060).
smtp
TCP destination port or source port is SMTP (25).
tcp
All IPv4 packets with IP protocol = TCP (6) are automatically routed here.
udp
All IPv4 packets with IP protocol = UDP (17) are automatically routed here.
wap2
TCP destination port or source port of the carrier-specific port number for WAP-2 (e.g. one carrier uses 8799); or,
send all HTTP traffic to the wap2 analyzer if the carrier does not use a special port number.
send all HTTP traffic to the wap2 analyzer if the carrier does not use a special port number.
wsp
UDP destination port or source port is connection-less WSP (9200) or connection-oriented WSP (9201).
wtp
Packets are automatically routed here, if you specified “wsp-connection-oriented” as described above.