[Top] [Prev] [Next] [Bottom]

Configuring and Monitoring NetBIOS Name and Byte Filters

This document describes the NetBIOS Name and Byte filtering configuration and monitoring commands. It includes:

Displaying the NetBIOS Filtering Prompts

Setting Up NetBIOS Name and Byte Filters

NetBIOS Name and Byte Filter Commands

Update Byte-Filter-List Commands

Update Name-Filter-List Commands

Displaying the NetBIOS Filtering Prompts

This section describes the NetBIOS Name and Byte filter configuration and monitoring commands.

Enter configuration commands at the NetBIOS Filter config> prompt. Display this prompt as follows:

Config>protocol bridge
Transparent Bridge user configuration
Bridge Config>netbios

NetBIOS Support User Configuration

NetBIOS config>set filter name
NETBIOS Filtering configuration
NETBIOS Filter config>
Enter monitoring commands at the NetBIOS Filter> prompt. Display this prompt as follows: 

Bridge>netbios

NetBIOS Support User Console

NetBIOS>set filter name
NETBIOS Filter>

Setting Up NetBIOS Name and Byte Filters

 A name or byte filter is made up of

The router compares each filter item against a packet in the order in which you enter the filter items.

You configure NetBIOS name and byte filters for each port and specify whether the filter applies to input or output packets.

The following sections provide examples of how to set up a host name filter and a byte filter. NetBIOS Name and Byte Filter Commands describes the commands used in these examples.

Example 1: Creating a Name Filter

Use the following procedure as a guideline to create a name filter. Before you begin, display the NETBIOS Filter config> prompt.

Config>protocol bridge
Transparent Bridge user configuration
Bridge Config>netbios
NetBIOS Support User Configuration
NetBIOS config>set filter name
NETBIOS Filtering configuration
NETBIOS Filter config>
1. Create an empty name filter list.

Enter create name-filter-list. The software prompts you to name your filter list. 

NetBIOS Filter config>create name-filter-list
Handle for Name Filter List []? boston
2. Display the configuration prompt for the filter list you just created.

Enter update. The router prompts you for the name of the filter list. 

NetBIOS Filter config>update
Handle for Filter List []? boston
Name Filter List Configuration
NetBIOS Name boston config>
3. Add filter items to the filter list.

When you add a filter item, you must specify the following parameters in this order:

The following example adds a filter item to the filter list boston, which allows packets containing the name westboro (an ASCII string) to be bridged (configured as inclusive). No Special 16th character is configured. 

NetBIOS Name boston config>add inclusive ascii  

Hostname []? westboro
Special 16th character in ASCII hex(<CR> for no special char)[]?

If you do not want to be prompted, enter all parameters as one string on the command line. Use a space between each parameter.

4. Verify the filter item entry.

Enter list to verify your entry. 

NetBIOS Name boston config>list


NAME Filter List Name: boston
NAME Filter List Default: Inclusive

Item #   Type    Inc/Ex    Hostname         Last Char

   1      ASCII    Inc      westboro
5. Add additional filter items to the filter list.

Repeat step 3 to add filter items to the filter list.

The order in which you enter filter items is important. This determines how the router applies the filter items to a packet. The first match stops the application of filter items and the router either forwards or drops the packet, depending on whether the filter item is Inclusive or Exclusive.

Entering the most common filter items first makes the filtering process more efficient because the software is more likely to make a match at the beginning of the list.

If the packet does not match any of the filter items, the router uses the default condition (Inclusive or Exclusive) of the filter list. You can change the default condition of the list by entering default inclusive or default exclusive at the filter list configuration prompt. For example: 

NETBIOS Name boston config>default exclusive
6. When you finish adding filter items to the filter list, enter exit to return to the NetBIOS Filter config> prompt. 

NetBIOS Name boston config>exit
NetBIOS Filter config>
7. Add the filter list to your configuration.

Use the filter-on command. When you turn on a name filter, you must specify the following parameters in this order:

The following example adds a name filter comprised of the name filter list boston. The router evaluates all packets input on port 3 according to the filter items in the filter list boston. This means the router bridges all packets input on port 3 that contain the name westboro. 

NetBIOS Filter config>filter-on input
Port Number [1]? 3
Filter List []? boston
8. Enter list to verify the new filter. 

NetBIOS Filter config>list

NetBIOS Filtering: Disabled

NetBIOS Filter Lists
--------------------

    Handle           Type

    nlist            Name
    newyork          Name
    HELLO            Byte
    boston           Name

NetBIOS Filters
---------------

    Port #      Direction      Filter List Handle(s)

       3          Output       nlist
       1          Input        newyork OR HELLO
       3          Input        boston
9. Globally enable NetBIOS name and byte filtering on the router.

Enter enable netbios-filtering. 

NetBIOS Filter config>enable netbios-filtering

Example 2: Creating a Byte Filter

 Use the following procedure as a guideline for creating a byte filter. Before you begin, display the NetBIOS Filter config> prompt.

Config>protocol bridge
Transparent Bridge user configuration
Bridge Config>netbios

NetBIOS Support User Configuration

NetBIOS config>set filter byte
NETBIOS Filtering configuration
NETBIOS Filter config>
1. Create an empty byte filter list.

Use the create byte-filter-list command. 

NetBIOS Filter config>create byte-filter-list
Handle for Byte Filter List []? westport
2. Display the configuration prompt for the filter list you just created.

Enter update. The router prompts you for the name of the filter list. 

NetBIOS Filter config>update
Handle for Filter List []? westport
Byte Filter List Configuration
NetBIOS Byte westport config>
3. Add filter items to the byte filter list.

When you add a filter item, you must specify the following parameters in this order:

The following example adds a filter item to the byte filter list westboro that causes the router to bridge packets with a hex pattern 0x12345678 at a byte offset of 0 (configured as inclusive). No hex mask is present. 

NetBIOS Byte westport config>add inclusive
Byte Offset [0]? 0
Hex Pattern []? 12345678
Hex Mask (<CR> for no mask) []?
4. Verify the filter item entry with the list command. 

NetBIOS Byte westport config>list

BYTE Filter List Name: westport
BYTE Filter List Default: Inclusive

 Item #   Inc/Ex   Offset  Pattern        Mask

   1       Inc        0    0x12345678     0xFFFFFFFF
5. Add additional filter items to the filter list.

Repeat step 3 to add filter items to the filter list.

The order in which you enter filter items is important. This determines how the router applies the filter to a packet. The first match stops the application of filter items and the router either forwards or drops the packet, depending on whether the filter item is inclusive or exclusive.

Entering the most common filter items first makes the filtering process more efficient because the software is more likely to make a match at the beginning of the list rather than having to check the whole list before making a match.

If the packet does not match any of the filter items, the router uses the default condition (Inclusive or Exclusive) of the filter list. You can change the default condition of the list by entering default inclusive or default exclusive at the filter list configuration prompt. For example: 

NETBIOS Byte westport config>default exclusive
6. When you have finished adding filter items to the list, enter exit to return to the NetBIOS Filter config> prompt. 

NetBIOS Byte westport config>exit
NetBIOS Filter config>
7. Add the filter to your configuration.

Use the filter-on command. When you turn on a byte filter, you must specify the following parameters in this order:

The following example adds a byte filter to packets output on port 3. It is comprised of the byte filter list westboro. The router evaluates all packets output on port 3 according to filter items contained in the filter list westboro. 

NetBIOS Filter config>filter-on output
Port Number [1]? 3
Filter List []? westboro
8. Verify the new filter.

Enter list to verify the filter. 

NetBIOS Filter config>list

NetBIOS Filtering: Disabled

NetBIOS Filter Lists
--------------------

    Handle           Type

    nlist            Name
    newyork          Name
    HELLO            Byte
    westboro         Byte

NetBIOS Filters
---------------

    Port #      Direction      Filter List Handle(s)

       3          Output       nlist
       1          Input        newyork OR HELLO
       3          Output       westboro
9. Globally enable NetBIOS name and byte filtering on the router.

Enter enable netbios-filtering. 

NetBIOS Filter config>enable netbios-filtering

NetBIOS Name and Byte Filter Commands

 Table 1 lists the NetBIOS name and byte filtering commands. Not all parameters apply to all router platforms. Press Space after you type a command to display the available parameters for each command for your router. Enter help for information about using the command line interface.

[C] means the command is available at the NetBIOS Filter config> prompt.

[M] means the command is available at the NetBIOS Filter> prompt.

Table 1 NetBIOS Name and Byte Filter Commands
Command Function
Create [C] Creates byte filter and name filter lists for NetBIOS filtering.

Delete [C] Deletes byte filter and name filter lists for NetBIOS filtering.

Disable [C] Disables NetBIOS name and byte filtering on the router.

Enable [C] Enables NetBIOS name and byte filtering on the router.

Exit [C] [M] Returns you to the previous prompt.

Filter-on [C] Assigns a filter to a specific port. You can then apply this filter to NetBIOS packets input or output on the specified port.

List [C] [M] Displays all information concerning created filters.

Update [C] Adds information to or deletes information from a name or byte filter list.

Create [C]

Creates a byte filter list or a name filter list.

Syntax: create

byte-filter-list
name-filter-list

byte-filter-list filter-list

Creates a byte filter list. Give the list a unique name of up to 16 characters. You use this name to identify the filter list.

Example: create byte-filter-list

Handle for Byte Filter List []? newyork

name-filter-list filter-list

Creates a name filter list. Give the list a unique name of up to 16 characters. You use this name to identify the filter list.

Example: create name-filter-list

Handle for Name Filter List []? boston

Delete [C]

Deletes byte filter lists, host name filter lists, and filters. Delete removes all information associated with byte and host-name filter lists.

Syntax: delete

byte-filter-list
name-filter-list
filter input
filter output

byte-filter-list filter-list

Deletes a byte filter list.

Example: delete byte-filter-list

Handle for Byte Filter List []? newyork

name-filter-list filter-list

Deletes a host-name filter list.

Example: delete name-filter-list newyork

Handle for Name Filter List []? boston

filter input port#

Deletes a filter created with the filter-on input command.

Removes all information associated with the filter and fills any resulting gap in filter numbers.

Example: delete filter input

Port Number [1]?

filter output port#

Deletes a filter created with the filter-on output command.

Removes all information associated with the filter and fills any resulting gap in filter numbers.

Example: delete filter output

Port Number [1]?

Disable [C]

Globally disables NetBIOS name and byte filtering on the router.

Syntax: disable netbios-filtering

Example: disable netbios-filtering

Enable [C]

Globally enables NetBIOS name and byte filtering on the router.

Syntax: enable netbios-filtering

Example: enable netbios-filtering

Exit [C] [M]

Returns to the previous prompt.

Syntax: exit

Example: exit

Filter-on [C]

Assigns one or more previously configured filter lists to the input or output of a specific port.

Syntax: filter-on

input
output

input port# filter-list AND or OR filter-list

Assigns one or more filter lists to incoming packets on a port. The router applies the resulting filter to all NetBIOS packets input on the specified port.

Port# is a configured bridging port number on the router. The port number identifies this filter. Enter list to see a list of port numbers. Use the create command to make a filter list. To add additional filter lists to this port, enter AND or OR in all capital letters followed by the filter list name.

The router applies the filter you create with this command to all incoming NetBIOS packets on the specified port. The router evaluates each filter list on the command line from left to right. If a packet matches an inclusive filter, the router bridges the packet. If a packet matches an exclusive filter, the router drops the packet.

If the packet is not one of the types that NetBIOS name or byte filtering supports, the router bridges the packet.

Example: filter-on input

Port Number [1]? 2 
Filter List []? newyork AND boston

output port# filter-list AND or OR filter-list

Assigns one or more filter lists to outgoing packets on a port. The router applies this filter to all NetBIOS packets output on that port.

Port# is a configured bridging port number on the router. The port number identifies this filter. Enter list to see a list of port numbers. Use the create command to make a filter list. To add additional filter lists to this port, enter AND or OR in all capital letters followed by the filter list name.

The router applies the filter you create with this command to all outgoing NetBIOS packets on the specified port. The router evaluates each filter list on the command line from left to right. If a packet matches an inclusive filter, the router bridges the packet. If a packet matches an exclusive filter, the router drops the packet.

If the packet is not one of the types that NetBIOS name or byte filtering suports, the router bridges the packet.

Example: filter-on output

Port Number [1]? 2
Filter List []? newyork OR boston

List [C] [M]

Displays filter information.

List [C]

Displays information on all name and byte filters.

Syntax: list

Example: list

NETBIOS Filtering: Enabled

NETBIOS Filter Lists
--------------------    

    Handle           Type   
 
    boston           Name
    newport          Byte

NETBIOS Filters
---------------    
  Port #      Direction      Filter List Handle(s)           
    1          Input         boston AND newport
    2          Output        boston
NetBIOS Filtering

 Displays whether NetBIOS filtering is enabled or disabled.

NetBIOS Filter Lists

 Shows the name (handle) of the filter lists, as well as the type, either Name or Byte.

NetBIOS Filters

 Assigned port number and direction (input or output) of each filter. Filter List Handle(s) displays the name(s) of the filter list(s) making up the filter.

List [M]

Displays information on all filters, on byte filters, or on name filters.

Syntax: list

byte-filter-lists
name-filter-lists
filters

byte-filter-lists

 Displays all of the byte filter lists that you created.

Example: list byte-filter-lists

BYTE Filter List Name: newport
BYTE Filter List Default: Inclusive 

Filter Item #   Inc/Ex    Byte Offset  Pattern        Mask      
      1        Inclusive       2        0x22           0x11
      2        Exclusive       0        0x22           0x22

BYTE Filter List Name: test1
BYTE Filter List Default: Inclusive 

Filter Item #   Inc/Ex    Byte Offset  Pattern        Mask      
      1        Inclusive       2       0x22           0xFF

name-filter-lists

 Displays all of the name filter lists that you created.

Example: list name-filter-lists

NAME Filter List Name: boston
NAME Filter List Default: Exclusive 

Filter Item #   Type    Inc/Ex        Hostname       Last Char
     1         ASCII   Inclusive     westboro        

NAME Filter List Name: newyork
NAME Filter List Default: Inclusive 

Filter Item #   Type    Inc/Ex        Hostname       Last Char
     1         ASCII   Inclusive      newyork1

filters

 Lists all of the filters that you created and the number of packets the router filtered as a result of those filters.

Example: list filters

NETBIOS Filtering: Enabled    

Port #    Direction      Filter List Handle(s)   Pkts Filtered       
  1          Input        newyork OR boston              0
  1          Output       boston AND newport

Update [C]

Displays the NETBIOS Byte (or Name) filter-list config> prompt, which lets you update the specified filter list. At this prompt you can add, delete, list, or move items in byte and name filter lists. You can also set the default of each filter list to inclusive or exclusive.

Syntax: update filter-list

Example: update newyork

NETBIOS Byte newyork Config>
At this new prompt, you can enter several commands. The following sections describe these commands.

Update Byte-Filter-List Commands

This section describes the commands available at the NETBIOS Byte filter-list config> prompt.

add inclusive or exclusive byte-offset hex-pattern hex-mask

Adds a filter item to the filter list. When you add a filter item, the router numbers the item and displays the number of the filter item you just added.

Note: Adding filter items to filter lists adds to processing time due to the time it takes to evaluate each item in the list. It can affect performance in heavy NetBIOS traffic.

The order in which you enter filter items is important as this determines how the router applies filter items to a packet. The router stops comparing the packet to a filter when it finds the first match.

If the offset and pattern of a byte filter item represent bytes that do not exist in a NetBIOS packet (for example, if the packet is shorter than was intended when setting up a byte-filter list), the router does not apply the filter to the packet. If you use a series of byte filter items to set up a single NetBIOS filter list, then a packet is not tested for filtering if any of the byte filter items within the NetBIOS filter list represent bytes that do not exist in the NetBIOS packet.

Example: add inclusive

Byte Offset [0]?
Hex Pattern []? 
Hex Mask (<CR> for no mask) []?
The following example shows how to filter Datagram Broadcast Packets.

Example: add exclusive

Byte Offset [0]? 4
Hex Pattern []? 09
Hex Mask (<CR> for no mask) []?

default inclusive or exclusive

 Changes the default setting of the filter list to inclusive or exclusive. If no filter items match the contents of the packet the router considers for filtering, the router forwards or drops the packet, depending on this setting.

Example: default inclusive

delete filter-item

Deletes a filter item from the filter list. The software immediately renumbers the list. To see a list of item numbers, enter list.

Example: delete

Filter Item Number [1]? 2

exit

 Returns to the previous command prompt level.

Example: exit

list

Displays information related to filter items in the filter list.

Example: list

BYTE Filter List Name:     Enginering 
BYTE Filter List Default:  Exclusive

Filter Item # 	Inc/Ex       Byte Offset    Pattern          Mask

   1          Inclusive        14         0x123456          0xFFFF00
   2          Exclusive         0         0x9876            0xFFFF
   3          Exclusive        28         0x1000000         0xFF00FF00

move filter-item1 filter-item2

 Re-orders filter items within the filter list. To see a list of item numbers, enter list.

Example: move

Source Filter Item Number [1]? 3
After Destination Filter Item Number [0]? 1

Update Name-Filter-List Commands

 This section lists the commands available at the NETBIOS Name filter-list config> prompt.

add inclusive or exclusive ASCII host-name special-16th-char

Adds a filter item to the name filter list. The router compares the following frames and fields with the information you enter with this command:

Enter the following information with this command:

Example: add inclusive ascii 

Hostname []? newport
Special 16th character in ASCII hex (<CR> for no special character)[]?

add inclusive or exclusive HEX hexstring

 Adds a filter item to the name filter list. This command is functionally the same as add inclusive ascii. However, you enter the name as a series of hexadecimal numbers (with no 0x in front).

Hexstring must consist of an even number of hexadecimal numbers. Specify a wildcard for a single byte by ??. If you do not supply a full 32 hexadecimal numbers, the router pads ASCII blanks to the 29th and 30th numbers and supplies a wildcard as the 31st and 32nd (16th byte) numbers.

Example: add inclusive hex

Hex String []?

default inclusive or exclusive

 Changes the default setting of the filter list to inclusive or exclusive. If no filter items match the packet the router considers for filtering, the router forwards or drops the packet, depending on this setting.

Example: default inclusive

delete filter-item

Deletes a filter item from the filter list. To see a list of item numbers, enter list.

Example: delete

Filter Item Number [1]? 4

exit

 Exits to the previous prompt level.

Example: exit

list

Displays information related to items in the specified filter list.

Example: list

NAME Filter List Name: nlist
NAME Filter List Default: Exclusive

 Filter Item #   Type    Inc/Ex        Hostname       Last Char

       1         ASCII   Inclusive     EROS            
       2         ASCII   Inclusive     ATHENA          
       3         ASCII   Exclusive     FOOBAR

move filter-item1 filter-item2

 Re-orders filter items within the filter list. To see a list of item numbers, enter list.

Example: move

Source Filter Item Number [1]? 
After Destination Filter Item Number [0]?

[Top] [Prev] [Next] [Bottom]

docs@openroute.com
Copyright © 1998, OpenROUTE Networks, Inc. All rights reserved.