Листовка для Cisco Cisco Tunnel Terminating Gateway (TTG)
ACS Ruledef Configuration Mode Commands
▀ tcp proxy-state
▄ Cisco ASR 5x00 Command Line Interface Reference
1118
Usage
If there is no TCP proxy configured, this configuration is not applicable.
For proxy-enabled flows, TCP state handling interprets the ingress side as the radio side and the egress side
as the Internet side of the TCP connection.
For proxy-enabled flows, TCP state handling interprets the ingress side as the radio side and the egress side
as the Internet side of the TCP connection.
tcp state
and
tcp prev-state
is the state of the client stack, which would be either the state of the
subscriber's stack (if flow is not proxy enabled) or the MS state of proxy on egress-side (if flow is proxy-
enabled).
enabled).
tcp proxy-state
and
tcp proxy-prev-state
is the state of the embedded TCP proxy server, that is the
proxy ingress-side.
So, depending on the use case, if using
So, depending on the use case, if using
tcp state
and
tcp prev-state
an existing configuration may
work fine regardless of whether proxy is enabled. For other use cases, other ruledefs may have to be created.
Both
Both
tcp state
and
tcp proxy-state
can be used in the same ruledef. If proxy was being used, they
would map to the egress-side and ingress-side, respectively. If proxy was not being used, then this would not
match the ruledef because proxy state would not be applicable.
match the ruledef because proxy state would not be applicable.
Example
The following command defines a rule expression to match user traffic based on TCP proxy previous state of
established:
established:
tcp proxy-state = established