Procedure:
How To: Create or Edit a Traffic Management Filter
- Log in to the SMS from a client.
- From the top navigation pane, click Profiles. The Profiles screen displays.
- From the navigation pane on the left, click the + sign next to the Inspection Profiles to expand the category.
- From the navigation pane on the left, locate and expand the Profile you will be working with.
- Select the Traffic Management tab.
- The Traffic Management screen displays.
- Perform one of the following tasks:
  - To create a new filter, click New or right-click a selected filter and choose New.
  - To edit an existing filter, select a filter and click Edit or right-click the selected filter and choose Edit.
- The Create/Edit Traffic Management Filter dialog opens.
- Locked: To lock the filter, select the Locked check box.
- Inheritance: To use inherited settings, select the Inherited Settings check box. Note: This option is only available if the filter has been inherited from another Profile.
- For Filter Info, enter a filter name. The profile for the filter displays below the name.
  - Note: If you want to apply special handling for IP protocol packet fragments, check the appropriate box to create a filter for fragments only. Generally, this option is used for applications such as streaming media. If you use this option to create special handling for packet fragments, you must create another rule to handle non-fragmented packets.
- For Action, select one of the following actions for the filter:
  - Enabled: If the check box is not selected, the filter is disabled.
  - Block: Select to block traffic.
  - Allow: Incoming traffic will be inspected using profile settings.
  - Trust: Incoming traffic will be trusted and not inspected.
  - Rate Limit: Select the rate limit from the drop-down box.
- For General Settings, specify any comment or description you want to add.
- For Network Settings, modify the following information:
  - Direction: Select the direction of the flow for the segment ports:
    - Port A to Port B
    - Port B to Port A
  - Note: To rate shape traffic in both directions, you must create two filters: one for A > B and one for B > A. The Create filters for both directions button creates both filters for you.
  - Protocol: Select IP, TCP, UDP, or ICMP. If you selected the ICMP protocol, the filter displays the ICMP Settings: Type and Code.
  - Source Address: Enter a source IP address and select the format as CIDR, IP Mask, or Any IP.
    - Port: Enter the port. The default value is ANY.
  - Dest Address: Enter a destination IP address and select the format as CIDR, IP Mask, or Any IP.
    - Port: Enter the port. The default value is ANY.
  - Note: Whether the Port option is available depends on the Protocol option previously selected.
- Save As: Select this option to edit a filter and save it with different settings.
- Distribute: Use this option to distribute the filter.
- Click OK.
Traffic Management Filter Order Overview
When you create Traffic Management filters, you can change the sequence in which they fire by selecting a filter and using the Move Up and Move Down buttons at the bottom of the screen. In general, more specific filters should come first. For example, a specific IP filter might block traffic with fully qualified source and destination IP addresses and ports; more general filters, such as those that apply to whole subnets, should follow. Packets that match an "allow" or "rate-limit" filter are still inspected by the other filters; in other words, matching an "allow" filter does not let attacks through. You can also set a filter to trust traffic. A trust filter instructs the IPS not to inspect the traffic, so the traffic continues without being compared against any other filter rules.
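The ordering rule above, as an added example that is not SMS code: a small Python model of top-to-bottom, first-match evaluation (an assumption about how the filter sequence fires) plus a check for filters that an earlier, equal-or-wider filter in the same direction makes unreachable. The Filter class, its field names and the sample addresses are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional
@dataclass
class Filter:                    # hypothetical model of one Traffic Management filter
    name: str
    action: str                  # "Block", "Allow", "Trust" or "Rate Limit"
    direction: str = "A>B"       # "A>B" (Port A to Port B) or "B>A"
    protocol: str = "IP"         # "IP" matches any protocol; else "TCP", "UDP", "ICMP"
    src: str = "0.0.0.0/0"       # CIDR; Any IP is modelled as 0.0.0.0/0
    dst: str = "0.0.0.0/0"
    src_port: Optional[int] = None   # None models the default ANY
    dst_port: Optional[int] = None

    def matches(self, pkt: dict) -> bool:
        return (self.direction == pkt["direction"]
                and self.protocol in ("IP", pkt["protocol"])
                and ip_address(pkt["src"]) in ip_network(self.src)
                and ip_address(pkt["dst"]) in ip_network(self.dst)
                and self.src_port in (None, pkt.get("src_port"))
                and self.dst_port in (None, pkt.get("dst_port")))

def first_match(filters, pkt):
    """(name, action, inspected) of the first filter that fires, top to bottom
    (assumed first-match semantics). Trust skips inspection; Allow/Rate Limit do not."""
    for f in filters:
        if f.matches(pkt):
            return f.name, f.action, f.action in ("Allow", "Rate Limit")
    return None, "Allow", True   # nothing matched: inspected with profile settings

def shadowed(filters):
    """Filters that can never fire: an earlier same-direction filter of equal or wider scope."""
    names = []
    for i, later in enumerate(filters):
        for earlier in filters[:i]:
            if (earlier.direction == later.direction
                    and earlier.protocol in ("IP", later.protocol)
                    and ip_network(later.src).subnet_of(ip_network(earlier.src))
                    and ip_network(later.dst).subnet_of(ip_network(earlier.dst))
                    and earlier.src_port in (None, later.src_port)
                    and earlier.dst_port in (None, later.dst_port)):
                names.append(later.name)
                break
    return names
# Constructed sample: a specific host/port block and a general subnet allow.
BLOCK_HOST = Filter("block-host", "Block", protocol="TCP",
                    src="10.1.2.3/32", dst="192.0.2.10/32", dst_port=445)
ALLOW_LAN = Filter("allow-lan", "Allow", src="10.1.0.0/16")
PKT = {"direction": "A>B", "protocol": "TCP", "src": "10.1.2.3",
       "dst": "192.0.2.10", "dst_port": 445}
```

With the specific block listed first the sample packet is blocked; with the subnet allow first, the block filter is shadowed and never fires.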
How To: Modify the Traffic Management Filter Order
- On the Traffic Management screen, move filters into the order the system should use.
- Select the appropriate filter and click the appropriate button:
  - Move Up
  - Move Down
- The new order is automatically saved.
Reference: SMS User Guide