Configuring and Monitoring NetBIOS Name and Byte Filters

Displaying the NetBIOS Filtering Prompts

This section describes the NetBIOS Name and Byte filter configuration and monitoring commands.

Enter configuration commands at the NetBIOS Filter config> prompt. Display this prompt as follows:

Config>protocol bridge
Transparent Bridge user configuration
Bridge Config>netbios

NetBIOS Support User Configuration

NetBIOS config>set filter name
NETBIOS Filtering configuration
NETBIOS Filter config>

Enter monitoring commands at the NetBIOS Filter> prompt. Display this prompt as follows:

Bridge>netbios

NetBIOS Support User Console

NetBIOS>set filter name
NETBIOS Filter>

Setting Up NetBIOS Name and Byte Filters

A name or byte filter is made up of

Filter lists, which are made up of one or more filter items
Filter items, which specify the NetBIOS names you want to filter

The router compares each filter item against a packet in the order in which you enter the filter items.

You configure NetBIOS name and byte filters for each port and specify whether the filter applies to input or output packets.

The following sections provide examples of how to set up a host name filter and a byte filter. NetBIOS Name and Byte Filter Commands describes the commands used in these examples.

Example 1: Creating a Name Filter

Use the following procedure as a guideline to create a name filter. Before you begin, display the NETBIOS Filter config> prompt.

Config>protocol bridge
Transparent Bridge user configuration
Bridge Config>netbios

NetBIOS Support User Configuration

NetBIOS config>set filter name
NETBIOS Filtering configuration
NETBIOS Filter config>

1. Create an empty name filter list.

Enter create name-filter-list. The software prompts you to name your filter list.

NetBIOS Filter config>create name-filter-list
Handle for Name Filter List []? boston

2. Display the configuration prompt for the filter list you just created.

Enter update. The router prompts you for the name of the filter list.

NetBIOS Filter config>update
Handle for Filter List []? boston
Name Filter List Configuration
NetBIOS Name boston config>

3. Add filter items to the filter list.

When you add a filter item, you must specify the following parameters in this order:

Inclusive (bridged) or exclusive (dropped).
ASCII or hex is how you enter the name.
Hostname is the actual name in either an ASCII or hex format. This entry is case sensitive.
Special 16th character is an optional parameter for use with ASCII strings containing fewer than 16 characters. The following example adds a filter item to the filter list boston, which allows packets containing the name westboro (an ASCII string) to be bridged (configured as inclusive). No Special 16th character is configured.

NetBIOS Name boston config>add inclusive ascii  

Hostname []? westboro
Special 16th character in ASCII hex(<CR> for no special char)[]?
If you do not want to be prompted, enter all parameters as one string on the command line.  Use a space between each parameter.

4. Verify the filter item entry.

Enter list to verify your entry.

NetBIOS Name boston config>list

NAME Filter List Name: boston
NAME Filter List Default: Inclusive

Item # Type Inc/Ex Hostname Last Char

1 ASCII Inc westboro

5. Add additional filter items to the filter list.

Repeat step 3 to add filter items to the filter list.

The order in which you enter filter items is important. This determines how the router applies the filter items to a packet. The first match stops the application of filter items and the router either forwards or drops the packet, depending on whether the filter item is Inclusive or Exclusive.

Entering the most common filter items first makes the filtering process more efficient because the software is more likely to make a match at the beginning of the list.

If the packet does not match any of the filter items, the router uses the default condition (Inclusive or Exclusive) of the filter list. You can change the default condition of the list by entering default inclusive or default exclusive at the filter list configuration prompt. For example:

NETBIOS Name boston config>default exclusive

6. When you finish adding filter items to the filter list, enter exit to return to the NetBIOS Filter config> prompt.

NetBIOS Name boston config>exit
NetBIOS Filter config>

7. Add the filter list to your configuration.

Use the filter-on command. When you turn on a name filter, you must specify the following parameters in this order:

Input filters incoming packets or output filters outgoing packets.
Port# is the desired configured bridging port number on the router.
Filter-list is the name of the filter list (containing filter items) that you want to be included in this filter.
Optionally add additional filter lists to the filter. Enter AND or OR in upper-case letters followed by a filter list name. The following example adds a name filter comprised of the name filter list boston. The router evaluates all packets input on port 3 according to the filter items in the filter list boston. This means the router bridges all packets input on port 3 that contain the name westboro.

NetBIOS Filter config>filter-on input
Port Number [1]? 3
Filter List []? boston

8. Enter list to verify the new filter.

NetBIOS Filter config>list

NetBIOS Filtering: Disabled

NetBIOS Filter Lists
--------------------

Handle Type

nlist Name
newyork Name
HELLO Byte
boston Name

NetBIOS Filters
---------------

Port # Direction Filter List Handle(s)

3 Output nlist
1 Input newyork OR HELLO
3 Input boston

9. Globally enable NetBIOS name and byte filtering on the router.

Enter enable netbios-filtering.

NetBIOS Filter config>enable netbios-filtering

Example 2: Creating a Byte Filter

Use the following procedure as a guideline for creating a byte filter. Before you begin, display the NetBIOS Filter config> prompt.

Config>protocol bridge
Transparent Bridge user configuration
Bridge Config>netbios

NetBIOS Support User Configuration

NetBIOS config>set filter byte
NETBIOS Filtering configuration
NETBIOS Filter config>

1. Create an empty byte filter list.

Use the create byte-filter-list command.

NetBIOS Filter config>create byte-filter-list
Handle for Byte Filter List []? westport

2. Display the configuration prompt for the filter list you just created.

Enter update. The router prompts you for the name of the filter list.

NetBIOS Filter config>update
Handle for Filter List []? westport
Byte Filter List Configuration
NetBIOS Byte westport config>

3. Add filter items to the byte filter list.

When you add a filter item, you must specify the following parameters in this order:

Inclusive (bridged) or exclusive (dropped).
Byte offset is the number of bytes (in decimal) to offset into the packet the router is filtering. This starts at the NetBIOS header of the packet. Zero specifies that the router examines all bytes in the packet.
Hex pattern is a hexadecimal number the router uses to compare with the bytes starting at the byte offset. See NetBIOS Name and Byte Filter Commands for syntax rules.
Hex mask if present, must be the same length as hex pattern. It is logically ANDed with the bytes in the packet, starting at byte offset, before the router compares the result with the hex pattern. If you omit the hex mask, the router considers it to be all binary 1s. The following example adds a filter item to the byte filter list westboro that causes the router to bridge packets with a hex pattern 0x12345678 at a byte offset of 0 (configured as inclusive). No hex mask is present.

NetBIOS Byte westport config>add inclusive
Byte Offset [0]? 0
Hex Pattern []? 12345678
Hex Mask (<CR> for no mask) []?

4. Verify the filter item entry with the list command.

NetBIOS Byte westport config>list

BYTE Filter List Name: westport
BYTE Filter List Default: Inclusive

Item # Inc/Ex Offset Pattern Mask

1 Inc 0 0x12345678 0xFFFFFFFF

5. Add additional filter items to the filter list.

Repeat step 3 to add filter items to the filter list.

The order in which you enter filter items is important. This determines how the router applies the filter to a packet. The first match stops the application of filter items and the router either forwards or drops the packet, depending on whether the filter item is inclusive or exclusive.

Entering the most common filter items first makes the filtering process more efficient because the software is more likely to make a match at the beginning of the list rather than having to check the whole list before making a match.

NETBIOS Byte westport config>default exclusive

6. When you have finished adding filter items to the list, enter exit to return to the NetBIOS Filter config> prompt.

NetBIOS Byte westport config>exit
NetBIOS Filter config>

7. Add the filter to your configuration.

Use the filter-on command. When you turn on a byte filter, you must specify the following parameters in this order:

Input filters incoming packets or output filters outgoing packets.
Port Number is the desired configured bridging port number.
Filter List is the name of the filter list (containing filter items) that you want included in this filter.
Optionally add additional filter lists to the filter. Enter AND or OR in upper-case letters followed by a filter list name. The following example adds a byte filter to packets output on port 3. It is comprised of the byte filter list westboro. The router evaluates all packets output on port 3 according to filter items contained in the filter list westboro.

NetBIOS Filter config>filter-on output
Port Number [1]? 3
Filter List []? westboro

8. Verify the new filter.

Enter list to verify the filter.

NetBIOS Filter config>list

NetBIOS Filtering: Disabled

NetBIOS Filter Lists
--------------------

Handle Type

nlist Name
newyork Name
HELLO Byte
westboro Byte

NetBIOS Filters
---------------

Port # Direction Filter List Handle(s)

3 Output nlist
1 Input newyork OR HELLO
3 Output westboro

9. Globally enable NetBIOS name and byte filtering on the router.

Enter enable netbios-filtering.

NetBIOS Filter config>enable netbios-filtering

NetBIOS Name and Byte Filter Commands

Table 1 lists the NetBIOS name and byte filtering commands. Not all parameters apply to all router platforms.

Press Space after you type a command to display the available parameters for each command for your router. Enter help for information about using the command line interface.

Table 1 NetBIOS Name and Byte Filter Commands

Command Task Function

Create Configure
Creates byte filter and name filter lists for NetBIOS filtering.

Delete Configure
Deletes byte filter and name filter lists for NetBIOS filtering.

Disable Configure
Disables NetBIOS name and byte filtering on the router.

Enable Configure
Enables NetBIOS name and byte filtering on the router.

Exit Configure/Monitor
Returns you to the previous prompt.

Filter-on Configure
Assigns a filter to a specific port. You can then apply this filter to NetBIOS packets input or output on the specified port.

List Configure/
Monitor
Displays all information concerning created filters.

Update Configure
Adds information to or deletes information from a name or byte filter list.

Table 1 NetBIOS Name and Byte Filter Commands
Command	Task	Function
Create	Configure	Creates byte filter and name filter lists for NetBIOS filtering.
Delete	Configure	Deletes byte filter and name filter lists for NetBIOS filtering.
Disable	Configure	Disables NetBIOS name and byte filtering on the router.
Enable	Configure	Enables NetBIOS name and byte filtering on the router.
Exit	Configure/Monitor	Returns you to the previous prompt.
Filter-on	Configure	Assigns a filter to a specific port. You can then apply this filter to NetBIOS packets input or output on the specified port.
List	Configure/ Monitor	Displays all information concerning created filters.
Update	Configure	Adds information to or deletes information from a name or byte filter list.

Create [C]

Creates a byte filter list or a name filter list.

Syntax: create

byte-filter-list
name-filter-list

byte-filter-list filter-list

Creates a byte filter list. Give the list a unique name of up to 16 characters. You use this name to identify the filter list.

Example: create byte-filter-list

Handle for Byte Filter List []? newyork

name-filter-list filter-list

Creates a name filter list. Give the list a unique name of up to 16 characters. You use this name to identify the filter list.

Example: create name-filter-list

Handle for Name Filter List []? boston

Delete [C]

Deletes byte filter lists, host name filter lists, and filters. Delete removes all information associated with byte and host-name filter lists.

Syntax: delete

byte-filter-list
name-filter-list
filter input
filter output

byte-filter-list filter-list

Deletes a byte filter list.

Example: delete byte-filter-list

Handle for Byte Filter List []? newyork

name-filter-list filter-list

Deletes a host-name filter list.

Example: delete name-filter-list newyork

Handle for Name Filter List []? boston

filter input port#

Deletes a filter created with the filter-on input command.

Removes all information associated with the filter and fills any resulting gap in filter numbers.

Example: delete filter input

Port Number [1]?

filter output port#

Deletes a filter created with the filter-on output command.

Removes all information associated with the filter and fills any resulting gap in filter numbers.

Example: delete filter output

Port Number [1]?

Disable [C]

Globally disables NetBIOS name and byte filtering on the router.

Syntax: disable netbios-filtering

Example: disable netbios-filtering

Enable [C]

Globally enables NetBIOS name and byte filtering on the router.

Syntax: enable netbios-filtering

Example: enable netbios-filtering

Exit [C] [M]

Returns to the previous prompt.

Syntax: exit

Example: exit

Filter-on [C]

Assigns one or more previously configured filter lists to the input or output of a specific port.

Syntax: filter-on

input
output

input port# filter-list AND or OR filter-list

Assigns one or more filter lists to incoming packets on a port. The router applies the resulting filter to all NetBIOS packets input on the specified port.

Port# is a configured bridging port number on the router. The port number identifies this filter. Enter list to see a list of port numbers. Use the create command to make a filter list. To add additional filter lists to this port, enter AND or OR in all capital letters followed by the filter list name.

The router applies the filter you create with this command to all incoming NetBIOS packets on the specified port. The router evaluates each filter list on the command line from left to right. If a packet matches an inclusive filter, the router bridges the packet. If a packet matches an exclusive filter, the router drops the packet.

If the packet is not one of the types that NetBIOS name or byte filtering supports, the router bridges the packet.

Example: filter-on input

Port Number [1]? 2 
Filter List []? newyork AND boston

output port# filter-list AND or OR filter-list

Assigns one or more filter lists to outgoing packets on a port. The router applies this filter to all NetBIOS packets output on that port.

The router applies the filter you create with this command to all outgoing NetBIOS packets on the specified port. The router evaluates each filter list on the command line from left to right. If a packet matches an inclusive filter, the router bridges the packet. If a packet matches an exclusive filter, the router drops the packet.

If the packet is not one of the types that NetBIOS name or byte filtering suports, the router bridges the packet.

Example: filter-on output

Port Number [1]? 2
Filter List []? newyork OR boston

List [C] [M]

Displays filter information.

List [C]

Displays information on all name and byte filters.

Syntax: list

Example: list

NETBIOS Filtering: Enabled

NETBIOS Filter Lists
--------------------

Handle Type

boston Name
newport Byte

NETBIOS Filters
---------------
Port # Direction Filter List Handle(s)
1 Input boston AND newport
2 Output boston


NetBIOS Filtering	Displays whether NetBIOS filtering is enabled or disabled.
NetBIOS Filter Lists	Shows the name (handle) of the filter lists, as well as the type, either Name or Byte.
NetBIOS Filters	Assigned port number and direction (input or output) of each filter. Filter List Handle(s) displays the name(s) of the filter list(s) making up the filter.

List [M]

Displays information on all filters, on byte filters, or on name filters.

Syntax: list

byte-filter-lists
name-filter-lists
filters

Update [C]

Displays the NETBIOS Byte (or Name) filter-list config> prompt, which lets you update the specified filter list. At this prompt you can add, delete, list, or move items in byte and name filter lists. You can also set the default of each filter list to inclusive or exclusive.

Syntax: update filter-list

Example: update newyork

NETBIOS Byte newyork Config>

At this new prompt, you can enter several commands. The following sections describe these commands.

Update Byte-Filter-List Commands

This section describes the commands available at the NETBIOS Byte filter-list config> prompt.

add inclusive or exclusive byte-offset hex-pattern hex-mask

Adds a filter item to the filter list. When you add a filter item, the router numbers the item and displays the number of the filter item you just added.

Note: Adding filter items to filter lists adds to processing time due to the time it takes to evaluate each item in the list. It can affect performance in heavy NetBIOS traffic. The order in which you enter filter items is important as this determines how the router applies filter items to a packet. The router stops comparing the packet to a filter when it finds the first match.

Inclusive (bridged) or exclusive (dropped).
Byte offset is the number of bytes (in decimal) to offset into the packet the router is filtering. This starts at the NetBIOS header of the packet. Zero specifies that the router examines all bytes in the packet.
Hex pattern is a hexadecimal number used to compare with the bytes starting at the byte offset. Syntax rules for hex-pattern include no 0x in front, a maximum of 32 numbers, and an even number of hex numbers.
Hex mask if present, must be the same length as hex pattern. It is logically ANDed with the bytes in the packet, starting at byte offset, before the router compares the result with the hex pattern. If you omit the hex mask, the router considers it to be all binary 1s.

If the offset and pattern of a byte filter item represent bytes that do not exist in a NetBIOS packet (for example, if the packet is shorter than was intended when setting up a byte-filter list), the router does not apply the filter to the packet. If you use a series of byte filter items to set up a single NetBIOS filter list, then a packet is not tested for filtering if any of the byte filter items within the NetBIOS filter list represent bytes that do not exist in the NetBIOS packet.

Example: add inclusive

Byte Offset [0]?
Hex Pattern []? 
Hex Mask (<CR> for no mask) []?

The following example shows how to filter Datagram Broadcast Packets.

Example: add exclusive

Byte Offset [0]? 4
Hex Pattern []? 09
Hex Mask (<CR> for no mask) []?

default inclusive or exclusive

Changes the default setting of the filter list to inclusive or exclusive. If no filter items match the contents of the packet the router considers for filtering, the router forwards or drops the packet, depending on this setting.

Example: default inclusive

delete filter-item

Deletes a filter item from the filter list. The software immediately renumbers the list. To see a list of item numbers, enter list.

Example: delete

Filter Item Number [1]? 2

exit

Returns to the previous command prompt level.

Example: exit

list

Displays information related to filter items in the filter list.

Example: list

BYTE Filter List Name: Enginering
BYTE Filter List Default: Exclusive

Filter Item # Inc/Ex Byte Offset Pattern Mask

1 Inclusive 14 0x123456 0xFFFF00
2 Exclusive 0 0x9876 0xFFFF
3 Exclusive 28 0x1000000 0xFF00FF00

move filter-item1 filter-item2

Re-orders filter items within the filter list. To see a list of item numbers, enter list.

Example: move

Source Filter Item Number [1]? 3
After Destination Filter Item Number [0]? 1

Update Name-Filter-List Commands

This section lists the commands available at the NETBIOS Name filter-list config> prompt.

add inclusive or exclusive ASCII host-name special-16th-char

Adds a filter item to the name filter list. The router compares the following frames and fields with the information you enter with this command:

ADD_GROUP_NAME_QUERY: Source NetBIOS name field
ADD_NAME_QUERY: Source NetBIOS name field
DATAGRAM: Destination NetBIOS name field
NAME_QUERY: Destination NetBIOS name field

Enter the following information with this command:

Inclusive (bridged) or exclusive (dropped).
Hostname is an ASCII string up to 16 characters. It can contain any character but the following: . / \ [ ] : | < > + = ; , space. Use ? to indicate a single character wildcard. Use * as the final character of the name to indicate a wildcard for the remainder of the name. If the name contains fewer than 15 characters, it is padded to the 15th character with ASCII spaces.
Special 16th character can be used if host-name contains fewer than 16 characters. It is a hexadecimal number (with no 0x in front of it) that indicates the value for the last character. If you do not specify a 16th character on a name less than 16 characters, the router uses a ? wildcard for the 16th character.

Example: add inclusive ascii

Hostname []? newport
Special 16th character in ASCII hex (<CR> for no special character)[]?

add inclusive or exclusive HEX hexstring

Adds a filter item to the name filter list. This command is functionally the same as add inclusive ascii. However, you enter the name as a series of hexadecimal numbers (with no 0x in front).

Hexstring must consist of an even number of hexadecimal numbers. Specify a wildcard for a single byte by ??. If you do not supply a full 32 hexadecimal numbers, the router pads ASCII blanks to the 29th and 30th numbers and supplies a wildcard as the 31st and 32nd (16th byte) numbers.

Example: add inclusive hex

Hex String []?

default inclusive or exclusive

Changes the default setting of the filter list to inclusive or exclusive. If no filter items match the packet the router considers for filtering, the router forwards or drops the packet, depending on this setting.

Example: default inclusive

delete filter-item

Deletes a filter item from the filter list. To see a list of item numbers, enter list.

Example: delete

Filter Item Number [1]? 4

exit

Exits to the previous prompt level.

Example: exit

list

Displays information related to items in the specified filter list.

Example: list

NAME Filter List Name: nlist
NAME Filter List Default: Exclusive

Filter Item # Type Inc/Ex Hostname Last Char

1 ASCII Inclusive EROS
2 ASCII Inclusive ATHENA
3 ASCII Exclusive FOOBAR

move filter-item1 filter-item2

Re-orders filter items within the filter list. To see a list of item numbers, enter list.

Example: move

Source Filter Item Number [1]? 
After Destination Filter Item Number [0]?

docs@openroute.com

Configuring and Monitoring NetBIOS Name and Byte Filters

Setting Up NetBIOS Name and Byte Filters

NetBIOS Name and Byte Filter Commands

Update Byte-Filter-List Commands

Update Name-Filter-List Commands

Displaying the NetBIOS Filtering Prompts

Setting Up NetBIOS Name and Byte Filters

Example 2: Creating a Byte Filter

NetBIOS Name and Byte Filter Commands

Table 1 NetBIOS Name and Byte Filter Commands

byte-filter-list filter-list

name-filter-list filter-list

Delete [C]

byte-filter-list filter-list

name-filter-list filter-list

filter input port#

filter output port#

Disable [C]

input port# filter-list AND or OR filter-list

output port# filter-list AND or OR filter-list

List [C] [M]

byte-filter-lists

name-filter-lists

filters

default inclusive or exclusive

exit

move filter-item1 filter-item2

Update Name-Filter-List Commands

add inclusive or exclusive HEX hexstring

default inclusive or exclusive

exit

move filter-item1 filter-item2