# 1310, Tue 31 Oct 95 rules.two-ip-groups # # Nevil Brownlee, ITSS Technology Development, University of Auckland # # # Rule specification file to tally IP packets in three groups: # UA to AIT, UA to elsewhere, AIT to elsewhere # # -------+-------------------+-----------------+-------- # | | | # +----+-----+ +----+-----+ +---+---+ # | UA | | AIT | | meter | # +-+-+-+-+--+ +-+-+-+-+--+ +-------+ # # The rules work as follows: # Non-IP packets are ignored # The 'classify' subroutine is used to determine which IP addresses # are part of 'UA' and which are part of 'AIT.' # ua-to-ait is the 'forward' direction for these flows; ait to ua # packets are retried # SET 5 # RULES SourcePeerType & 255 = IP: PushtoAct, ip_pkt; Null & 0 = 0: Ignore, 0; # ip_pkt: v1 & 0 = SourcePeerAddress: AssignAct, Next; Null & 0 = 0: Gosub, classify; Null & 0 = 0: GotoAct, from_ua; # 1 ua Null & 0 = 0: GotoAct, from_ait; # 2 ait Null & 0 = 0: Retry, 0; # 3 other # from_ua: v1 & 0 = DestPeerAddress: AssignAct, Next; Null & 0 = 0: Gosub, classify; Null & 0 = 0: Ignore, 0; # 1 ua-ua Null & 0 = 0: GotoAct, ok_pkt; # 2 ua-ait Null & 0 = 0: Gotoact, ok_pkt; # 3 ua-other # from_ait: v1 & 0 = DestPeerAddress: AssignAct, Next; Null & 0 = 0: Gosub, classify; Null & 0 = 0: Retry, 0; # 1 ait-ua Null & 0 = 0: Ignore, 0; # 2 ait-ait Null & 0 = 0: Gotoact, ok_pkt; # 3 ait-other # ok_pkt: Null & 0 = 0: count, 0; # # classify: v1 & 255.255.0.0 = 130.216.0.0: gotoact, ua; # ua v1 & 255.255.0.0 = 156.62.0.0: gotoact, ait; # ait Null & 0 = 0: return, 3; # other ua: v1 & 255.255.0.0 = 0: pushpkttoact, next; Null & 0 = 0: return, 1; ait: v1 & 255.255.0.0 = 0: pushpkttoact, next; Null & 0 = 0: return, 2; # # FORMAT FlowRuleSet FlowIndex FirstTime " " SourcePeerType " " SourcePeerAddress DestPeerAddress " " ToOctets FromOctets; # STATISTICS # # end of file