3com S7906E 설치 설명서

 

1-4 

z 

Context ID: It is used when the packet is mirrored or redirected to an ACFP client. After the 

interface connected to the ACFP client is specified in the policy sent, the ACFP server assigns it a 

global serial number, that is, the Context ID, with each Context ID corresponding to an ACFP 

collaboration policy. 

z 

Admin-Status: It indicates whether to enable the policy. 

z 

Effect-Status: It indicates the expiration time of the policy and is used to control the expiration time 

of all the rules under the policy. 

z 

Start-Time: It indicates starting from what time (second/minute/hour) the policy takes effect and is 

used to control starting from what time all the rules under the policy take effect. 

z 

End-time: It indicates starting from what time (second/minute/hour) the policy turns invalid and is 

used to control starting from what time all the rules under the policy turn invalid. 

z 

DestIfFailAction: If the policy dest-interface is down, the actions to all rules under the policy will be 

as follows: for forwarding first devices, select the delete action to keep the redirected and mirrored 

packets being forwarded; for security first devices, select the reserve action to discard the 

redirected and mirrored packets. 

z 

Priority: It indicates the priority of a policy, number notation, in the range of 1 to 8. The bigger the 

number, the higher the priority. 

ACFP collaboration rules refer to the collaboration rules that the ACFP client sends to the ACFP server 

for application. There are three types of collaboration rules: 

z 

Monitoring rules: that is, to monitor, analyze, and process the packets to be sent to the ACFP client. 

The action types corresponding to monitoring rules are redirect and mirror. 

z 

Filtering rules: that is, to determine which packets to deny and which packets to permit. The action 

types corresponding to filtering rules are deny and permit. 

z 

Restricting rules: that is, to determine the rate of which packets is to be restricted. The action type 

corresponding to restricting rules is rate. 

Rule information is described as follows: 

z 

ClientID: ACFP client identifier. 

z 

Policy index 

z 

Rule index: rule identifier 

z 

Status: It indicates whether the rule is applied successfully. 

z 

Action: It can be mirror, redirect, deny, permit, or rate. 

z 

Match all packets: It indicates whether to match all the packets. If yes, the following matching 

needs not be performed. 

z 

Source MAC address 

z 

Destination MAC address 

z 

Starting VLAN ID 

z 

Ending VLAN ID 

z 

Protocol number in IP 

z 

Source IP address 

z 

Wildcard mask of source IP address 

z 

Source port operator: Its type can be equal to, not equal to, greater than, less than, greater 

than and less than. The following ending source port number takes effect only when the type is 

greater than and less than. The source port number of the packets matched by the identifier must 

be greater than the starting source port number and less than the ending source port number. 

z 

Starting source port number