Check out the new USENIX Web site. next up previous
Next: Protocol Stack Architecture Up: Architecture Design Previous: HTTP Header-based Controls

Filter Specification


{\tablename} 2: Example Network-level Policies
(dst IP,dst port,src IP,src port) (r,b) priority
(*, 80, *, *) (300,5) 3
(*, 80, 10.1.1.1, *) (100,5) 2
(12.1.1.1, 80, *, *) (10,1) *

A filter rule specifies the network-level and/or application-level attributes that define an aggregate and the parameters for the control mechanism that is associated with it. A network-level filter is a four-tuple consisting of local IP address, local port, remote IP address, and remote port; application-level filters were shown in Table 1. Table 2 lists some network-level filter examples. The first rule applies to the web server process listening at local port 80 on all network interfaces; it specifies that all connections to the server are rate-controlled at a rate of 300 conns/sec, a burst of 5, and a priority of 3 (the default lowest priority). The filter rules can contain range of IP addresses, wildcards, etc.


next up previous
Next: Protocol Stack Architecture Up: Architecture Design Previous: HTTP Header-based Controls
Renu Tewari
2001-05-01