Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| en:dpi:dpi_options:opt_filtration:filtration_ctrl [2020/02/05 17:29] – ↷ Page moved from en:dpi:dpi_options:base_functionality:opt_filtration:filtration_ctrl to en:dpi:dpi_options:opt_filtration:filtration_ctrl lexx26 | en:dpi:dpi_options:opt_filtration:filtration_ctrl [2024/11/29 10:19] (current) – elena.krasnobryzh | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== 3 Management ====== | + | {{tag> |
| + | |||
| + | ====== | ||
| + | {{indexmenu_n> | ||
| + | In order to filter a traffic of some particular subscribers, | ||
| + | |||
| + | < | ||
| + | |||
| + | As a result, this service is configured on level of individual subscribers by [[en: | ||
| + | |||
| + | Instruction format: | ||
| + | < | ||
| + | fdpi_ctrl command --service 4 [IP_list] | ||
| + | </ | ||
| + | <note important> | ||
| + | |||
| + | <note tip>When the service is activated, only TCP traffic is blocked. To block UDP traffic as well, you must [[en: | ||
| + | |||
| + | Examples: | ||
| + | |||
| + | Activate the service for all subscribers and switch filtering off for an administrator: | ||
| + | < | ||
| + | fdpi_ctrl load --service 4 --cidr 192.168.0.0/ | ||
| + | fdpi_ctrl del --service 4 --ip 192.168.0.1 | ||
| + | </ | ||
| + | |||
| + | Enable the service for an independent system AS50538: | ||
| + | < | ||
| + | fdpi_ctrl load --service 4 --cidr 37.110.240.0/ | ||
| + | </ | ||
| + | |||
| + | Creating named profile and activating it to several subcribers | ||
| + | < | ||
| + | fdpi_ctrl load profile --service 4 --profile.name test_black --profile.json '{ " | ||
| + | fdpi_ctrl load --service 4 --profile_name test_black --ip 192.168.0.1 | ||
| + | fdpi_ctrl load --service 4 --profile_name test_black --ip 192.168.0.2 | ||
| + | </ | ||
| + | here\\ | ||
| + | in json format sets folowing profiles' | ||
| + | redirect - web page to redirect to\\ | ||
| + | federal : 0/1/2/etc. using local athorities blacklist\\ | ||
| + | url_list - URL blacklist\\ | ||
| + | ip_list - IP: | ||
| + | cn_list - Common Name blacklist | ||
| + | |||
| + | Blacklist can be loaded from external source, like " | ||
| + | |||
| + | Searching subscribers with named profile: | ||
| + | < | ||
| + | fdpi_ctrl list all --service 4 --profile.name test_black</ | ||
| + | |||
| + | Deleting subscribers with named profile (the named profile has no subscribers using it) | ||
| + | < | ||
| + | fdpi_ctrl del profile --service 4 --profile.name test_black | ||
| + | </ | ||
| + | |||
| + | Changing parameters of named profile (new settings apply to all subscribers with the named profile) | ||
| + | < | ||
| + | fdpi_ctrl load profile --service 4 --profile.name test_black --profile.json '{ " | ||
| + | </ | ||
| + | |||
| + | Maximum number of profiles for blacklist service is configuerd by a parameter in / | ||
| + | < | ||
| + | max_profiles_black_list=64 | ||
| + | </ | ||
| + | here\\ | ||
| + | 64 default value, 65535 maximum value\\ | ||
| + | <note warning> | ||
| + | |||
| + | =====Activation of IPv6 traffic blocking service===== | ||
| + | Instruction format: | ||
| + | <code bash> | ||
| + | fdpi_ctrl command --service 49 [Services_list] [IP_list or login] | ||
| + | </ | ||
| + | <note important> | ||
| + | |||
| + | Activate the service: | ||
| + | <code bash> | ||
| + | fdpi_ctrl load --service 49 --login DEMO | ||
| + | </ | ||
| + | or | ||
| + | <code bash> | ||
| + | fdpi_ctrl load --service 49 --vchannel 1 | ||
| + | </ | ||
| + | |||
| + | <note tip>When the service is activated, only TCP traffic is blocked. To block UDP traffic as well, you must [[en: | ||