Current IP Filters in Scan Order Workspace
The Current IP Filters in Scan Order workspace is used to display IP filters
beyond the first 500 IP Filters shown in the Current IP Filters Workspace.
The filters are displayed in the order that the stack would scan them to match
them to packets.
One of the ways to display the Current IP Filters in Scan Order workspace
is to do the following:
- Right-click the IP Filters navigator item for a
specific TCP/IP stack.
- Select Workspaces and select the Current IP Filters link.
- Click the Link icon in the Current IP Filters In Scan Order summary table and
select Current IP Filters in Scan Order. Rows of data
are displayed that match the scan order.
There can be tens of thousands of IP Filters. The query filter implemented
for this workspace retrieves up to 500 IP Filters at a time.
The Tivoli Enterprise Portal displays 100 rows of IPSec Filters at a time.
Use the Tivoli Enterprise Portal scrolling controls or change the page number
at the top right of the table view to see the remaining IP Filters from the
current set of up to 500 IP Filters.
If more IP Filters exist beyond the set of 500 currently displayed, a link
named Current IP Filters In Scan Order By Next Page will
be provided in the right-click menu of the Link icons
for each row in the Current IP Filters in Scan Order table view. Use this
link to display each successive group of 500 IP Filters. When no more IP Filters
are available for display, the link will not appear in the right click menu.
If you have already used the Current IP Filters In Scan Order
By Next Page link to display additional IP Filters, another link named Current IP Filters In Scan Order By Previous Page can be
used to return to the previous set of 500 IP Filters.
Summary information is displayed in the Current IP Filters Attributes summary
table. See Current IP Filters in Scan Order summary table for a list of other
workspaces that can be accessed by clicking the Link icon
in the summary table.
The Current IP Filters in Scan Order Workspace contains the following views:
- Five Filters With Most Total Packets Matched: Displays
the five filters that have the highest number of total packets that matched
the filter's condition and action in the Current IP Filters table.
- Five Filters With Most Total Packets Denied By DENY:
Displays the five filters that have the highest number of total packets that
matched the filter's condition and for which the action was DENY.
- Five Filters With Most Total Packets Denied by Mismatch: Displays the five filters that have the highest number of total packets
that matched the filter's condition but did not match the filter's
action (for example, if a packet was sent "in the clear" but the action
was coded as IPSec). This view can provide an indication of a configuration
problem such as packets flowing in the clear when they should be encrypted.
- Current IP Filters in Scan Order summary table: provides
performance and configuration data about IP filters that are grouped on the
same logical page.
Current IP Filters in Scan Order summary table
The Current IP Filters in Scan Order by Same Page summary table provides
performance and configuration data about the IP filters that are grouped on
the same logical page. The filters are displayed in the order that they would
be scanned by the TCP/IP stack when it compares them to packets.
For a complete list of the attributes available in the Current IP Filters
in Scan Order by Same Page summary table, and a brief description of each,
see the Current IP Filters Attributes help panel.
The following additional workspaces can be accessed by clicking the Link icon in the Current IP Filters in Scan Order summary
table:
- Dynamic IP Tunnels by Filter Rule Definition Name Workspace (default):
This link navigates to the Dynamic IP Tunnels by Filter Rule Definition Name
workspace and shows tunnels that have a Filter Rule Definition
Name that matches the name of the selected filter. This is a conditional
link and is displayed in the list of available links only if the filter Type is DYNAMIC (4), NATTDYN (6), or NRF (7).
- Dynamic IP Tunnels by Tunnel ID Workspace:
This is a conditional link displayed in the list of available links only
if the filter Type is DYNAMIC (4), NATTDYN (6), or NRF
(7). This link navigates to the Dynamic IP Tunnels workspace and shows tunnels
that have a tunnel ID that matches the tunnel ID associated with the selected
filter.
- Manual IP Tunnels by Tunnel ID Workspace:
This is a conditional link displayed in the list of available links only
if the filter type is MANUAL (2). This link navigates to the Manual IP Tunnels Workspace and
shows tunnels that have a tunnel ID that matches the tunnel ID associated
with the selected filter.
- The Current IP Filters In Scan Order By Previous Page
Workspace: This conditional link is displayed in the list of available
links only if the page number for the selected link is greater than 0. This
link navigates to the Current IP Filters in Scan Order workspace and shows
the IP filters that have a page number that is 1 less than the page number
for the selected filter. If the active filters have changed significantly
between collection intervals (for example, if the filter set in use was switched
or a large number of filters became inactive), this link will display a workspace
with no filters.
- Current IP Filters In Scan Order By Next Page Workspace: This conditional link is displayed in the list of available links
only if the page number for the selected link is less than the value in the
Last Page column of the selected row. This link navigates to the Current
IP Filters in Scan Order workspace and shows the IP filters that have a page
number that is 1 more than the page number for the selected filter. If the
active filters have changed significantly between collection intervals (for
example, if the filter set in use was switched or a large number of filters
became inactive), this link might display a workspace with no filters.
- Current IP Filters By Destination Address:
This link causes a dialog box to be displayed that prompts you for a destination
IP address that is compared to the currently active filters for a TCP/IP stack.
The IP address input field in the dialog box is filled in by default with
the value from the Destination Address column for the
selected filter, but you can change this value to be another IPv4 or IPv6
address found on this TCP/IP stack. Specify an IP address that has the same
IP address version as the selected filter. If you specify an IPv6 address
and the selected filter has an IPv4 address, then the linked-to workspace
will not find any filters to display. With this address as input, this link
navigates to the Current IP Filters By Destination Address Workspace showing
the IP filters that match the destination IP address that you provided. Note
that if the Destination Address column in the summary
table is blank, the IP address input field in the dialog box is filled with
an IP address that has a value of zero (0) for all subnets in the address.
See also: